Establishing Cloud Governance and FinOps Culture to Accelerate Business Growth
In today's rapidly evolving technology landscape, organizations are increasingly relying on cloud computing to drive innovation, enhance agility and streamline...
Credential Stuffing. Phishing. Man-in-the-middle. These are just three of the increasingly common ways adversaries are targeting your organization with identity-based...
Strategies to Improve IT and OT Security Collaboration
For decades, Information Technology (IT) and Operational Technology (OT) systems have functioned as separate entities. However, the advent of digital...
Security at Scale: Building a Scalable Infrastructure for Effective SecOps in the Cloud
In today's rapidly evolving threat landscape, security programs must possess three indispensable capabilities: speed, scale and flexibility. The ability to...
As cloud migration continues across regions and sectors, how are organizations choosing security tools, and how are those tools being operationalized? Which practices are producing the best security outcomes, and which are hampering efforts?
These questions are answered in the new report "The State of Cloud-Native Security" by Palo Alto Networks, and it is the topic of this new virtual roundtable. Join this session to gain new insights from event thought leaders, as well as to discuss with your peers:...
Establishing Cloud Governance and FinOps Culture to Accelerate Business Growth
Discussion topics will include:
In today's rapidly evolving technology landscape, organizations are increasingly relying on cloud computing to drive innovation, enhance agility and streamline operations.
However, the shift to the cloud brings new challenges related to governance and financial management, which must be addressed to maximize the benefits of cloud adoption. There is a need to establish an operational framework to make that cultural shift that blends diverse functions, including technology, finance, business and operations and makes them accountable for business growth in the...
Technology advancements and market dynamics are driving the need for industrial organizations to transform and innovate like never before. To enable transformation and support the operational priorities of safety, availability and security, three major technologies and architectures are being considered - Cloud, IoT/IIoT and Mobility/5G.
This is demonstrated through the number and type of devices connecting to the industrial network - smart sensors, valves, and gauges - expanding the attack surface and making industrial environments low-hanging fruit for an attack....
The State of Cybersecurity: What 2022 Tells us about 2023 and Beyond
Discussion topics will include:
As a result of Russia's invasion of Ukraine, the lines between the cyber realm and the real world have blurred. Geopolitical causes now spill over into cyber. Attackers are increasingly aggressive and bold, and defenders must re-think how they protect their enterprises and employees from increasingly personal attacks.
These are among the highlights of Mandiant's new M-Trends Report, which covers the firm's 2022 investigations and postulates on the threats, tactics and procedures to watch for in the second half of...
Lily Chef Kitchen, Derech Ben-Zvi 84, Tel Aviv-Yafo, Israel
Tuesday, June 13th, 2023
Mathew Schwartz with Ori Bendet
In Person Roundtable
Generating Revenue via Digital Transformation: CISO Strategies for Success
Discussion topics will include:
As organisations continue to pursue digital transformation, CISOs face multiple challenges. At a high level, they must be perceived not as security gatekeepers, but enablers of growth, able to shepherd rapid development and deployment of secure code in a way that boosts the bottom line.
This requires fostering top-notch application security and development team practices, while at the same time making the application security business case to senior management and delivering promised results.
Making Your Organisation Part of the Most Cybersecure Country by 2030
Discussion topics will include:
With Australia suffering two massive data breaches last year, the government is developing a new cybersecurity strategy. The aim is to be the world's most cybersecure nation by 2030. For this, both the government as well as Australian organisations need to be equally invested in building resilience and capabilities to tackle cyberattacks and manage emerging threats.
As an Australian organisation, you’re already on the road to your organisation’s digital transformation journey. With both global cyberthreats continually increasing and real-time system...
Capital Grille - 201 North Tryon Street, Charlotte, NC
Thursday, June 15th, 2023
Josh Hankins with James Deluccia
In-Person Roundtable
Visibility: Learn Your Environment Before the Adversaries Do
Discussion topics will include:
As companies have gone through a digital transformation, increased adoption of cloud and Internet of Things, a growing remote workforce and a technology talent shortage have led to an exponential rise in organizations' attack surface. This expansion makes it harder for security teams to correlate externally visible and internally managed assets and govern compromises that occur because of undiscovered, unmanaged, or poorly managed IT assets.
These unknown assets, combined with thousands of vulnerabilities that are often patched months and months...
Synthetic Identity Theft: Protect Your Good Customers While Stopping Bad Actors
Discussion topics will include:
Synthetic identity theft - a crime perpetrated by bad actors who use real and fake personal information to craft an authentic-looking digital identity - is a fast-growing crime and continues to increase. In fact, according to Aite Group, Synthetic Identity fraud cost U.S. banks $1.8 billion in 2020 and is projected to increase to $2.4 billion in 2023.
During this time of economic uncertainty, how can financial institutions be certain that the customer signing up for a new account or...
The State of Data Security: What is it, Where is it, and Who Has Access?
Discussion topics will include:
Digital Transformation and Cloud Migration have done wonderful things for business productivity, but they have left security leaders asking new questions about data security:
"What data do we retain? Where is it stored? Who has access to it?"
Rubrik Zero Labs has released a new report, “The State of Data Security: The Hard Truths,” which includes insights from over 1,600 IT and security leaders and perspectives from other cybersecurity organizations. In this roundtable, we will discuss the findings from the...
Tech Debt: Eliminate it with App Modernization Strategy & Security
Discussion topics will include:
Tech debt: Much like financial debt, it is best when managed responsibly. But also like financial debt, tech debt can stop growth and innovation in its tracks. And this lesson, too: Overwhelming tech debt comes from unhealthy habits.
So, what are leading enterprises doing to measure and address tech debt? How are they engaging business partners to face the challenge? And what role can app modernization play in honing strategies and improving security? Join this session to gain new insights...
Improve Detection and Response Without Adding Headcount
Discussion topics will include:
As global economic concerns grow in 2023, cybersecurity teams find themselves in a bind: Budgetary and human resources are constrained, but adversaries and threats are not. In fact, the threats are only growing exponentially each year.
How do organizations reduce costs when security challenges are growing at an historic pace? Are legacy tools and relationships adequate to address current threats? How do security teams find and retain talent necessary to improve incident detection and response?
Credential Stuffing. Phishing. Man-in-the-middle. These are just three of the increasingly common ways adversaries are targeting your organization with identity-based attacks.
And as these identity-based attacks become more prominent and sophisticated, security teams have to ensure that proper identity and access management solutions are incorporated into their security projects to thwart these attacks.
How is identity being exploited by attackers in today's digitally-transformed enterprise? What are the challenges and barriers to implementing preventative measures? What modern solution options are available,...
The State of Cybersecurity: What 2022 Tells Us About 2023 and Beyond
Discussion topics will include:
As a result of Russia's invasion of Ukraine, the lines between the cyber realm and the real world have blurred. Geopolitical causes now spill over into cyber. Attackers are increasingly aggressive and bold, and defenders must re-think how they protect their enterprises and employees from increasingly personal attacks.
These are among the highlights of Mandiant's new M-Trends Report, which covers the firm's 2022 investigations and postulates on the threats, tactics and procedures to watch for in the second half of...
Strategies to Improve IT and OT Security Collaboration
Discussion topics will include:
For decades, Information Technology (IT) and Operational Technology (OT) systems have functioned as separate entities. However, the advent of digital transformation and cloud technologies has converged these two distinct networks. This convergence, whilst unlocking new potential, has also necessitated a collaborative approach between IT and OT security teams to ensure operational protection and availability.
In light of the recent enhancements to the Network and Information Systems Directive by EU member states in January 2023, the need for robust security measures...
The State of Data Security: What is it, Where is it, and Who Has Access?
Discussion topics will include:
Digital Transformation and Cloud Migration have done wonderful things for business productivity, but they have left security leaders asking new questions about data security:
"What data do we retain? Where is it stored? Who has access to it?"
Rubrik Zero Labs has released a new report, “The State of Data Security: The Hard Truths,” which includes insights from over 1,600 IT and security leaders and perspectives from other cybersecurity organizations. In this roundtable, we will discuss the findings from the...
Test Like a Hacker: Put Offensive Cybersecurity into Your Build Process
Discussion topics will include:
It's a broader attack surface than ever, nation-state threat actors are increasingly flexing their cyber muscles, and adversaries actively seek to exploit software vulnerabilities to attack critical infrastructure.
Isn't it time for our defense to act a bit more like an offense?
Welcome to this executive roundtable, "Test Like a Hacker: Put Offensive Cybersecurity into Your Build Process," where you will gain new insights from event thought leaders, as well as have a chance to discuss with your peers.
Security at Scale: Building a Scalable Infrastructure for Effective SecOps in the Cloud
Discussion topics will include:
In today's rapidly evolving threat landscape, security programs must possess three indispensable capabilities: speed, scale and flexibility. The ability to detect threats at scale requires hardened data pipelines that can reliably gather data from various sources, analyze it and quickly trigger alerts based on risk assessment and known malicious actor tactics, techniques, and procedures. Legacy tools that are breaking and homegrown systems that are challenging to maintain further exacerbate these challenges, hindering effective security operations.
The State of Data Security: What is it, Where is it, and Who Has Access?
Discussion topics will include:
Digital Transformation and Cloud Migration have done wonderful things for business productivity, but they have left security leaders asking new questions about data security:
"What data do we retain? Where is it stored? Who has access to it?"
Rubrik Zero Labs has released a new report, “The State of Data Security: The Hard Truths,” which includes insights from over 1,600 IT and security leaders and perspectives from other cybersecurity organizations. In this roundtable, we will discuss the findings from the...
Achieving the Benefits of Converged Endpoint Management
Discussion topics will include:
Managing endpoint risk and compliance is more challenging today than ever before. Today’s CISOs have to manage risk from many thousands of globally distributed, heterogeneous assets, while also responding to ever increasing audit scrutiny and regulatory compliance requirements.
Discussion topics will include: identify & remediate risks that create the greatest exposure; assess & measure unknown vulnerabilities; maximize IT budgets and staffing during economic uncertainty; enhance existing investment in strategic technology vendors.
Learn how converged endpoint management provides an effective, expedient...
Security at Scale: Building a Scalable Infrastructure for Effective SecOps in the Cloud
Discussion topics will include:
In today's rapidly evolving threat landscape, security programs must possess three indispensable capabilities: speed, scale and flexibility. The ability to detect threats at scale requires hardened data pipelines that can reliably gather data from various sources, analyze it and quickly trigger alerts based on risk assessment and known malicious actor tactics, techniques, and procedures. Legacy tools that are breaking and homegrown systems that are challenging to maintain further exacerbate these challenges, hindering effective security operations.
Test Like a Hacker: Put Offensive Cybersecurity into Your Build Process
Discussion topics will include:
It's a broader attack surface than ever, nation-state threat actors are increasingly flexing their cyber muscles, and adversaries actively seek to exploit software vulnerabilities to attack critical infrastructure.
Isn't it time for our defense to act a bit more like an offense?
Welcome to this executive roundtable, "Test Like a Hacker: Put Offensive Cybersecurity into Your Build Process," where you will gain new insights from event thought leaders, as well as have a chance to discuss with your peers.
Addressing Security Challenges for a Flexible Workforce
Discussion topics will include:
IT and security teams are facing new challenges due to a distributed workforce. As more and more users connect to company networks from remote locations, data is traversing outside traditional on-premises data centers, creating security gaps that legacy network architectures are not built to handle. Enterprises are looking for consistency in terms of security and quality of experience, regardless of end users’ location. The key is to simplify security, streamline policy enforcement and increase threat protection by combining multiple functions...
Tech Debt: Eliminate it with App Modernization Strategy & Security
Discussion topics will include:
Tech debt: Much like financial debt, it is best when managed responsibly. But also like financial debt, tech debt can stop growth and innovation in its tracks. And this lesson, too: Overwhelming tech debt comes from unhealthy habits.
So, what are leading enterprises doing to measure and address tech debt? How are they engaging business partners to face the challenge? And what role can app modernization play in honing strategies and improving security? Join this session to gain new insights...
Synthetic Identity Theft: Protect Your Good Customers While Stopping Bad Actors
Discussion topics will include:
Synthetic identity theft - a crime perpetrated by bad actors who use real and fake personal information to craft an authentic-looking digital identity - is a fast-growing crime and continues to increase. In fact, according to Aite Group, Synthetic Identity fraud cost U.S. banks $1.8 billion in 2020 and is projected to increase to $2.4 billion in 2023.
During this time of economic uncertainty, how can financial institutions be certain that the customer signing up for a new account or...
El Gaucho Bellevue, 108th Avenue Northeast, Bellevue, WA, USA
Tuesday, May 23rd, 2023
Tom Field with Mike Lefebvre
In-Person Roundtable
Cybersecurity Steps Up: Embrace the Fiduciary Responsibility
Discussion topics will include:
Fiduciary responsibility: We've always thought of it in a financial context, requiring an executive by law to manage one's money and property for the client's benefit, not their own.
But fiduciary responsibility now has a cybersecurity context, and security leaders, their executives and boards increasingly are being pulled into formal fiduciary roles over cyber risk to the enterprise.
Yet, how can one exercise fiduciary responsibility without being able to separate signal from noise re: the management of tools, partners and...
BLT Steak – DC – 1625 I Street, Washington, DC 20006
Thursday, May 18th, 2023
Tom Field with David Brumley
In-Person Roundtable
Test Like a Hacker: Put Offensive Cybersecurity into Your Build Process
Discussion topics will include:
It's a broader attack surface than ever, nation-state threat actors are increasingly flexing their cyber muscles, and adversaries actively seek to exploit software vulnerabilities to attack critical infrastructure.
Isn't it time for our defense to act a bit more like an offense?
Welcome to this executive roundtable, "Test Like a Hacker: Put Offensive Cybersecurity into Your Build Process," where you will gain new insights from event thought leaders, as well as have a chance to discuss with your peers.
Enabling Business Growth through Application and Infrastructure Modernization in the Digital Era
Discussion topics will include:
IT leaders believe that digital transformation initiatives aren’t only essential for staying competitive, but key to an enterprise’s resilience and growth in times of volatility. As businesses navigate through the digital complexities, application and infrastructure modernization has emerged as a critical factor for success, which goes beyond just moving offline business processes and legacy infrastructure to digital platforms, but to establishing agility, scalability, security, observability, and governance with enhanced performance of the applications and infrastructures.
Digital acceleration has ushered in a new way of working: employees now spend most of their time working in the cloud, using SaaS applications and other web-based tools. However, in doing so, organisations are now struggling to manage a variety of new blind spots in traditional approaches to security that are not fit to protect modern working models. Consequently, there has been a surge in a new class of Highly Evasive Adaptive Threats: Coinbase, Reddit, Oktapus to name a few....
McCormick & Kuleto's- 900 North Point St, San Francisco, CA 94109
Tuesday, May 16th, 2023
Tim West with Michael Gutsche
In-Person Roundtable
Improve Detection and Response Without Adding Headcount
Discussion topics will include:
As global economic concerns grow in 2023, cybersecurity teams find themselves in a bind: Budgetary and human resources are constrained, but adversaries and threats are not. In fact, the threats are only growing exponentially each year.
How do organizations reduce costs when security challenges are growing at an historic pace? Are legacy tools and relationships adequate to address current threats? How do security teams find and retain talent necessary to improve incident detection and response?
Attack Surface Management: Staying Ahead of Evolving Threats
Discussion topics will include:
Whether it be the rise of double extortion ransomware attacks, risks posed by new technologies such as ChatGPT or quantum computing, or nation-states who seek to disrupt operations or steal intellectual property, enterprises face an unprecedented level of threat and complexity as they operate in today’s multi-cloud and digital world.
The “attack surface” for the adversaries to exploit is becoming increasingly broad and cybersecurity leaders need to examine a wide range of factors when creating a cyber risk strategy. This...
As cloud migration continues across regions and sectors, how are organizations choosing security tools, and how are those tools being operationalized? Which practices are producing the best security outcomes, and which are hampering efforts?
These questions are answered in the new report "The State of Cloud-Native Security" by Palo Alto Networks, and it is the topic of this new virtual roundtable. Join this session to gain new insights from event thought leaders, as well as to discuss with your peers:...
Conquering Supply Chain Insecurities: The Security Promise
Discussion topics will include:
The industry is witnessing new attacks against the open-source software supply chain, which becomes an intrusion point for attackers to gain control over an organization's critical assets.
This is possible because the modern digital business increasingly relies on technology partnerships, leveraging third-party applications and data to deliver new functionality and optimized user experiences to market, often resulting in mishaps.
Security leaders have the daunting task of establishing accountability for checking the malicious code in their supply chain. Can you establish...
Conquering Software Supply Chain Insecurities: The Security Promise
Discussion topics will include:
The industry is witnessing new attacks against the software supply chain and specifically the open-source eco-system which becomes an intrusion point for attackers to gain control over an organization's critical assets.
This is possible because the modern digital business increasingly relies on technology partnerships, leveraging third-party applications and data to deliver new functionality and optimized user experiences to market, often resulting in mishaps.
Security leaders have the daunting task of establishing accountability for checking the malicious code in their supply...
Eddie V's Prime Seafood Uptown Charlotte- 101 S Tryon St, Charlotte, NC
Tuesday, May 9th, 2023
Jennifer Spykerman with JT Perry
In-Person Roundtable
Tech Debt: Eliminate it with App Modernization Strategy & Security
Discussion topics will include:
Tech debt: Much like financial debt, it is best when managed responsibly. But also like financial debt, tech debt can stop growth and innovation in its tracks. And this lesson, too: Overwhelming tech debt comes from unhealthy habits.
So, what are leading enterprises doing to measure and address tech debt? How are they engaging business partners to face the challenge? And what role can app modernization play in honing strategies and improving security? Join this session to gain new insights...
Achieving the Benefits of Converged Endpoint Management
Discussion topics will include:
Managing endpoint risk and compliance is more challenging today than ever before. Today’s CISOs have to manage risk from many thousands of globally distributed, heterogeneous assets, while also responding to ever increasing audit scrutiny and regulatory compliance requirements.
Discussion topics will include: identify & remediate risks that create the greatest exposure; assess & measure unknown vulnerabilities; maximize IT budgets and staffing during economic uncertainty; enhance existing investment in strategic technology vendors.
Learn how converged endpoint management provides an effective, expedient...
Visibility: Learn Your Environment Before the Adversaries Do
Discussion topics will include:
As companies have gone through a digital transformation, increased adoption of cloud and Internet of Things, a growing remote workforce and a technology talent shortage have led to an exponential rise in organizations' attack surface. This expansion makes it harder for security teams to correlate externally visible and internally managed assets and govern compromises that occur because of undiscovered, unmanaged, or poorly managed IT assets.
These unknown assets, combined with thousands of vulnerabilities that are often patched months and months...
Make Your Endpoint Security Effortless With AI-Driven Automation
Discussion topics will include:
With endpoints continuing to be the primary target of attackers, having a good EDR strategy has become a must. The accelerated speed of attacks has pushed organizations to realize the importance of automation in security solutions. While the market gets filled with new solutions every year, security practitioners want to leverage existing security solutions. How do you make your EDR solution more effective? Can you add a layer of automation on top of your existing EDR solution? How can you...
Most enterprises are already on the road to digital transformation. Moving to zero trust is a big step in that journey. A well-thought-out strategy is a critical first step to implementing zero trust at any company. However, zero trust is not a monolithic approach. The zero trust strategy will differ between industries and so will the use cases. How do you solve the different use cases with the zero trust principle? How do you know what works for your industry?...
Osso Steakhouse- 1177 California Street, San Francisco, CA
Tuesday, April 25th, 2023
Tom Field with Pete Morgan
In-Person Roundtable
Software Supply Chain Attack Types and How to Block Them
Discussion topics will include:
Software supply chain security is the new hot cybersecurity topic, and rightly so. Adversaries are using the open-source ecosystem as an entry point to gain access to crown-jewel data and compromise enterprise assets. And software supply chain security has become a priority even to the President of the United States.
But often overlooked in this new dynamic are the developers. Their value to the enterprise is immense, and as a result … they have become the new high-value target for...
As cloud migration continues across regions and sectors, how are organizations choosing security tools, and how are those tools being operationalized? Which practices are producing the best security outcomes, and which are hampering efforts?
These questions are answered in the new report "The State of Cloud-Native Security" by Palo Alto Networks, and it is the topic of this new virtual roundtable. Join this session to gain new insights from event thought leaders, as well as to discuss with your peers:...
Cybersecurity and Cyber Insurance Essentials for the Ransomware Era
Discussion topics will include:
As ransomware-wielding attackers continue to amass victims across every sector, cybersecurity teams are scrambling to hone their defense and response capabilities. So it's no surprise they're increasingly embracing practices and approaches to help them better lock down their networks to minimize the impact of a successful attack. Cyber insurance is also part of many organizations' risk-mitigation strategy. But the continuing success of ransomware as a criminal business model has led to a surge in premiums and insurers demanding more robust...
Establishing Agile and Scalable Networks in the Digital Era: The Security Promise
Discussion topics will include:
The macroeconomic uncertainty has neither disrupted digital innovations nor deterred adversaries from pursuing malicious goals. Aligned with this, digital business acceleration, cloud adoption and a hybrid workforce are demanding new security and networking approaches to transform and drive business growth with enhanced security and user experience.
CISOs have the daunting task of prioritizing their organizational security concerns and having a robust security architecture that can support today’s dynamic nature of users and applications residing outside the boundary of networks.
Al Biernat's North- 5251 Spring Valley Rd, Dallas, TX
Tuesday, April 18th, 2023
Tim West with Apollo Hernandez
In-Person Roundtable
Improve Detection and Response Without Adding Headcount
Discussion topics will include:
As global economic concerns grow in 2023, cybersecurity teams find themselves in a bind: Budgetary and human resources are constrained, but adversaries and threats are not. In fact, the threats are only growing exponentially each year.
How do organizations reduce costs when security challenges are growing at an historic pace? Are legacy tools and relationships adequate to address current threats? How do security teams find and retain talent necessary to improve incident detection and response?
State of Data Security: The Human Impact of Cybercrime
Discussion topics will include:
Over one-third of organizations had a leadership change in the last year due to a cyberattack and its follow-on response.
That’s one of the several alarming findings from Rubrik Zero Labs’s inaugural report, “The State of Data Security: The Human Impact of Cybercrime,” which examines how the constant threat of cyber attacks is affecting organizations and the people charged with protecting them.
In this roundtable, we will discuss the findings from the in-depth global study commissioned by Rubrik and conducted...
Visibility & Security: How to Trust Devices in Your Enterprise
Discussion topics will include:
Since 2020, enterprises across sectors have embraced remote and hybrid work, and as a result they have sped adoption of cloud and mobile technologies. This has forever evolved how we work, moving us from a network-centric architecture to one built around users, devices and applications.
Yet, how do you validate which users, devices and applications are touching your systems? How do you enable secure and direct access to remote workers, vendors and contractors who reside outside the traditional perimeter?
Visibility: Learn Your Environment Before the Adversaries Do
Discussion topics will include:
As companies have gone through a digital transformation, increased adoption of cloud and Internet of Things, a growing remote workforce and a technology talent shortage have led to an exponential rise in organizations' attack surface. This expansion makes it harder for security teams to correlate externally visible and internally managed assets and govern compromises that occur because of undiscovered, unmanaged, or poorly managed IT assets.
These unknown assets, combined with thousands of vulnerabilities that are often patched months and months...
State of Ransomware: The Business Impact of Cybercrime
Discussion topics will include:
Multi-layered extortion, IP theft and increasingly targeted personalised attacks – we’ve seen ransomware evolve rapidly since the WannaCry headlines in 2017. Amidst Nation State adversaries and socio-economic unrest, organisations must maintain resilience against the increasingly diverse techniques being used to orchestrate attacks.
Whilst many mature organisations have a robust strategy in place, the threat landscape is expanding more rapidly than the recovery plans. Despite the importance of recovery, keeping business operations running in the interim can help prevent organisations being...
Visibility: Learn Your Environment Before the Adversaries Do
Discussion topics will include:
As companies have gone through a digital transformation, increased adoption of cloud and Internet of Things, a growing remote workforce and a technology talent shortage have led to an exponential rise in organizations' attack surface. This expansion makes it harder for security teams to correlate externally visible and internally managed assets and govern compromises that occur because of undiscovered, unmanaged, or poorly managed IT assets.
These unknown assets, combined with thousands of vulnerabilities that are often patched months and months...
Revolutionising Banking and Edge Computing: Personalized Customer Engagement and Fraud Prevention
Discussion topics will include:
Traditional banking has long been weighed down by complex legacy architectures that are not agile, leading to bad customer segmentation & experience. Until now, retail banks haven’t been able to leverage the flexibility of cloud, with its rapid and flexible updates or the benefits of more local compute.
FinTech banks on the other hand have disrupted the traditional banking industry, offering innovative and often mobile-first solutions to customers. However, the agility and flexibility of these banks can still be limited...
Mastro's Ocean Club- 1200 S Figueroa St, Los Angeles, CA
Wednesday, March 22nd, 2023
Peter Chestna with James DeLuccia
In-Person Roundtable
Software Supply Chain Security: Surviving the Era of the Criminal Coder
Discussion topics will include:
Remember when software supply chain security meant waiting for adversaries to exploit a newly discovered zero day? Those days are gone.
Attackers are now focusing proactively on the open-source software supply chain - planting vulnerabilities as opposed to waiting for them. Why? Because the supply chain is the perfect vehicle to gain an exponential advantage over unsuspecting victims.
Today's reality: Most organizations do not fully grasp supply chain risks and have not taken the appropriate steps to safeguard their apps...
How Swiss Organisations Can Quantify Cyber Risk as Business Risk
Discussion topics will include:
How can CISOs best quantify the cybersecurity risks facing their organisation? Increasingly, business leaders are calling on them to express this not in terms of technical risk, but risk to the business. Such knowledge is crucial for better guiding cybersecurity investments and understanding their return on investment (ROI).
Accordingly, how can CISOs best identify and continually track the actual threats facing their organisation? How should they identify and prioritise the attack scenarios — perhaps including data leakage, or a ransomware outbreak...
Ferrari’s Italian Villa & Chop House- 1200 William D Tate Ave, Grapevine, TX
Tuesday, March 21st, 2023
George Symons with Ty Howard
In-Person Roundtable
Cyber Recovery Preparation: Staying One Step Ahead of The Attackers
Discussion topics will include:
Ransomware attacks are becoming inevitable as bad actors exploit the weakest link of cyber defense - humans. The goal of cyber resilience is to transform business expectations and guarantee that businesses face a less-than-significant impact from a cyberattack. After all, it is not only about how to prepare, protect and detect but also remediate and recover. The recovery process needs to ensure not only a quick recovery but also a quicker return to business. For a faster recovery environment, malware...
Morton's the Steakhouse - 5th Avenue, New York City
Tuesday, March 21st, 2023
Tom Field with Peter Chestna
In-Person Roundtable
Software Supply Chain Security: Surviving the Era of the Criminal Coder
Discussion topics will include:
Remember when software supply chain security meant waiting for adversaries to exploit a newly discovered zero day? Those days are gone.
Attackers are now focusing proactively on the open-source software supply chain - planting vulnerabilities as opposed to waiting for them. Why? Because the supply chain is the perfect vehicle to gain an exponential advantage over unsuspecting victims.
Today's reality: Most organizations do not fully grasp supply chain risks and have not taken the appropriate steps to safeguard their apps...
With cybercrime on the rise, more organizations are implementing best practices such as multi-factor authentication (MFA) to protect their users from credential theft, phishing attempts and brute-force password guessing. To circumvent this layer of protection, hackers have developed a new tactic: MFA fatigue or MFA bombing. This method relies on spamming victims with endless authentication prompts until they grant the attacker access by accident or out of sheer frustration. As attackers increasingly exploit MFA bypass vulnerabilities, how can security leaders...
State of Data Security: The Human Impact of Cybercrime
Discussion topics will include:
Over one-third of organizations had a leadership change in the last year due to a cyberattack and its follow-on response.
That’s one of the several alarming findings from Rubrik Zero Labs’s inaugural report, “The State of Data Security: The Human Impact of Cybercrime,” which examines how the constant threat of cyber attacks is affecting organizations and the people charged with protecting them.
In this roundtable, we will discuss the findings from the in-depth global study commissioned by Rubrik and conducted...
The New Shift Left: Cultivate Developer Security Adoption
Discussion topics will include:
Application security programs have undergone major changes in recent years to adapt to the evolution brought by agile development, DevOps pipelines and faster deployments. New DevSecOps models result in a significant security ownership shift to the development teams. But for development teams to truly take responsibility for security, they need to embrace and adopt the new security practices.
What are the organizational, process and tooling challenges that need to be overcome to support this new shift left?
OT Security: Adapting to Evolving Threat and Business Landscapes
Discussion topics will include:
Through accelerated digital transformation and hybrid work, our critical infrastructure is at risk like never before. And while attacks impacting cyber-physical systems long have been a growing concern, they are now more likely than ever.
Many of these legacy systems were not designed to co-exist seamlessly in a connected environment. And it will take years before a new generation of connected assets emerges with more natively integrated security processes. In the meantime, how do we introduce cybersecurity capabilities that are...
Faster Detection and Response to Threats: The Cloud Promise
Discussion topics will include:
SecOps teams are grappling with the challenges of alert fatigue, tackling multiple environments, lack of automation, and ineffective security intelligence, resulting in significant blind spots and poor mean time to detect and respond to threats. In addition, the digital shift, kindled by business mobility and the cloud, among today’s mobile workforce is exposing corporate networks to complex cybersecurity issues through shadow IT, file sharing and unauthorized user access.
As a security leader, you have the daunting task of managing your enterprise...
Urban Farmer- 1850 Benjamin Franklin Parkway, Philadelphia PA
Tuesday, March 14th, 2023
Tom Field with Corey Smith
In-Person Roundtable
Visibility: Learn Your Environment Before the Adversaries Do
Discussion topics will include:
As companies have gone through a digital transformation, increased adoption of cloud and Internet of Things, a growing remote workforce and a technology talent shortage have led to an exponential rise in organizations' attack surface. This expansion makes it harder for security teams to correlate externally visible and internally managed assets and govern compromises that occur because of undiscovered, unmanaged, or poorly managed IT assets.
These unknown assets, combined with thousands of vulnerabilities that are often patched months and months...
Three years ago, pre-pandemic, many enterprises were just "dipping their toes" in cloud migration. Now, in 2023, they are over their heads swimming in multi-cloud environments. They recognize that cloud security is a different animal than on-prem. But, what does good cloud security actually look like?
Welcome to this executive roundtable, "Cloud Migration: What is Good Security?" where you will gain new insights from event thought leaders.
Discussion topics will include: Pitfalls on the cloud migration highway; Aligning multi-cloud security...
Establishing Proactive Security in the age of Zero trust: Going beyond compliance?
Discussion topics will include:
As companies undergo digital transformation, increased adoption of cloud and the Internet of Things, a growing remote workforce, and a technology talent shortage have led to an exponential rise in organizations' attack surface.
Being proactive in their security is critical for security practitioners as organizations go through digital transformation along with the zero trust journey. This transformation makes it imperative for organizations to learn about their environment before the adversaries do.
The daunting task for security teams today is to build...
Organizations across the spectrum are rapidly adopting and implementing more cloud-based apps and microservices to become cloud-first companies. Gartner says about 85% of enterprises aim to embrace a cloud-first strategy by 2025 to unlock more agile development processes and adapt to changing needs faster.
However, the security concerns of hybrid and multi-cloud environments are a continuous struggle for CISOs and security teams.
While balancing speed and security, enterprises require a cloud native application protection platform (CNAPP), which helps...
ChatGPT and other transformative and generative models have shaken up the cybersecurity world to the realities of intelligent machine-human interfaces, resulting in the role expansion of CISOs to various business units. Understandably, security practitioners are emphasizing the need to have a consolidated view across one dashboard, while being mindful of the cost.
With an overwhelming set of responsibilities, how do CISOs focus on real threats? How do they predict threats beforehand and how do they decide whether to stay on-premises...
Building Modern Corporate Network for Hybrid Workforce
Discussion topics will include:
The hybrid work models have cracked open gaps in the traditional perimeter-led approach to security. As the hybrid workforce expands beyond ‘remote’ and ‘back to office’ employees to include contractors, suppliers and vendors, security needs to scale alongside.
To enable the hybrid workforce with secure access to internal applications and tools from anywhere, the security controls must meet them where they are.
An identity and context-based application access and software-defined security built on zero trust can help businesses secure remote...
Simplifying Security Operations for A Hybrid World
Discussion topics will include:
In a hybrid, multi-cloud world, organizations can’t simply extend on-premises security controls to the cloud, where configurations and workflows are different. They need to work closely with cloud providers and security vendors to implement a shared, end-to-end security model.
This is also applicable when organizations adopt strategies and platforms that operationalize threat and vulnerability hunting, incident response, remediation and recovery.
Discussion topics will include: How SOC adoption is different for cloud and on-premises environments; How enterprises with a lean team...
The Capital Grille- 155 East 42nd St., New York, NY
Thursday, March 9th, 2023
Tom Field with Josh Hankins
In-Person Roundtable
Visibility: Learn Your Environment Before the Adversaries Do
Discussion topics will include:
As companies have gone through a digital transformation, increased adoption of cloud and Internet of Things, a growing remote workforce and a technology talent shortage have led to an exponential rise in organizations' attack surface. This expansion makes it harder for security teams to correlate externally visible and internally managed assets and govern compromises that occur because of undiscovered, unmanaged, or poorly managed IT assets.
These unknown assets, combined with thousands of vulnerabilities that are often patched months and months...
State of Data Security: The Human Impact of Cybercrime
Discussion topics will include:
Over one-third of organizations had a leadership change in the last year due to a cyberattack and its follow-on response.
That’s one of the several alarming findings from Rubrik Zero Labs’s inaugural report, “The State of Data Security: The Human Impact of Cybercrime,” which examines how the constant threat of cyber attacks is affecting organizations and the people charged with protecting them.
In this roundtable, we will discuss the findings from the in-depth global study commissioned by Rubrik and conducted...
The Low-Code No-Code Key to Digital Transformation at Speed and Scale
Discussion topics will include:
Business apps are at the core of organizations’ digital transformation strategy. Apps have become a key construct of customer, partner and employee experience, enabling workflows and transactions to keep the business up and running. However, challenges around delivering faster innovation to meet dynamic business demands with limited skilled resources and budgets often become a limiting factor. To stay ahead of the curve, businesses need to adopt a deft approach to automation and digitization through low-code and no-code-enabled business apps. Low-code...
The Challenges of Digital Trust in Business Transformation
Discussion topics will include:
Digital transformation has created a wealth of opportunities: cloud migration, smart devices, automation, IT/OT-IoT convergence, and third-party infrastructure integration. But it has also brought with it vulnerabilities inherent in legacy technology, the disconnect of OT, supply chain compromise, an enlarged attack surface and increased attention from nation-state and criminal adversaries who seek to disrupt operations or steal intellectual property.
Today's CISOs need to focus on these new vulnerabilities and risks. However, as uncertain economic times prevail, the necessity for strong...
The Low-Code No-Code Key to Digital Transformation at Speed and Scale
Discussion topics will include:
Business apps are at the core of organizations’ digital transformation strategy. Apps have become a key construct of customer, partner and employee experience, enabling workflows and transactions to keep the business up and running. However, challenges around delivering faster innovation to meet dynamic business demands with limited skilled resources and budgets often become a limiting factor. To stay ahead of the curve, businesses need to adopt a deft approach to automation and digitization through low-code and no-code-enabled business apps. Low-code...
The New Shift Left: Cultivate Developer Security Adoption
Discussion topics will include:
Application security programs have undergone major changes in recent years to adapt to the evolution brought by agile development, DevOps pipelines and faster deployments. New DevSecOps models result in a significant security ownership shift to the development teams. But for development teams to truly take responsibility for security, they need to embrace and adopt the new security practices.
What are the organizational, process and tooling challenges that need to be overcome to support this new shift left?
Make Your Endpoint Security Effortless With AI-Driven Automation
Discussion topics will include:
Organizations face more than 150 million new malware samples every year. Given the severity, it is challenging for any signature-based company to keep track of new signatures and stay updated on the latest threats. Moreover, zero-day exploits continue to be a problem for security practitioners. With a shortage of human resources to deal with increasing amounts of data, there will be a tipping point for human analysts. The questions that arise are: how to quickly ascertain what is vulnerable,...
The Economics of Cybercrime and Measuring the Ripple Effect of the Breach
Discussion topics will include:
Ransomware attackers earned an estimated $465 million in profit in 2021 - up 33% from 2020. Meanwhile, the mean time between intrusion and detection - dwell time - was measured at an unsettling 56 days.
Oh, and meanwhile: There were roughly 3.5 million unfilled cybersecurity jobs by the end of 2021, and 82% of surveyed organizations reported a shortage of cybersecurity skills.
These numbers deliver two messages: It is economically rational for attackers to keep attacking, and skills-strapped enterprises increasingly need...
Accelerated digital transformation has heightened the risk of cyberattacks on critical infrastructure. Many of these legacy systems have not been designed to coexist seamlessly in a connected environment. Security upgrades are often installed in a piecemeal manner since the systems are complex. Moreover, visibility is poor across multiple systems and isolated environments. Digital evolution will take years before a new generation of connected assets emerges with more natively integrated security processes. In the meantime, how do we introduce cybersecurity capabilities...
OT Security: Adapting to Evolving Threat and Business Landscapes
Discussion topics will include:
Through accelerated digital transformation and hybrid work, our critical infrastructure is at risk like never before. And while attacks impacting cyber-physical systems long have been a growing concern, they are now more likely than ever.
Many of these legacy systems were not designed to co-exist seamlessly in a connected environment. And it will take years before a new generation of connected assets emerges with more natively integrated security processes. In the meantime, how do we introduce cybersecurity capabilities that are...
How Can Business Infrastructure Become More Resilient and Trusted?
Discussion topics will include:
Amidst an intensifying threat landscape, it’s imperative that organizations become more cyber resilient. Security executives and CISOs are looking to achieve security resilience as a means to achieving an effective cybersecurity and risk management posture. A key component of that is access to applications and services.
Enterprises must now accommodate a hybrid work environment where employees are working from anywhere while accessing internal applications. As the traditional network perimeter has dissolved, enterprises need to ensure that those coming into the...
Cybersecurity Frameworks: What You Need to Know to Stay Secure
Discussion topics will include:
Implementing a cybersecurity framework (CSF) reduces risk and improves cyber resilience, but with so many different frameworks to choose from, the challenge for many is understanding how to leverage a CSF for your unique needs.
Join our virtual roundtable on February 8 to discuss what you need to know about CSFs to stay secure.
Discussion topics will include: An overview of the leading CSF types, including NIST, ISO 27001, COBIT, CIS, Essential 8 and Zero Trust; How to incorporate a...
Zero Trust for the Midsized Enterprise: 'What's Possible?'
Discussion topics will include:
It's been three years now since zero trust exploded from being just an RSA Conference buzz phrase to becoming the framework of choice for extended enterprises globally. Zero trust is a strategic topic for security leaders, investors and vendors alike, and President Biden even made the framework a cornerstone of his 2021 cybersecurity executive order.
But what does zero trust mean to the midsized enterprise? Where does one begin to embrace the framework, what does the roadmap look like, and...
Being prepared to respond to today's security incidents means acquiring and maintaining both the tools and the expertise to successfully detect attacks and stop them before serious damage is done. However, with the diversity and complexity of threats on the rise, security teams find themselves drowning in data and overwhelmed by the immense volume of alerts, many of them false positives.
With a shortage of 4 million cybersecurity workers globally and 75% of SMBs saying they lack the personnel to...
Answering The Big Questions About SASE and Zero Trust
Discussion topics will include:
Digital business, cloud adoption and a hybrid workforce require security and networking approaches to transform in order to accelerate business growth. The SASE (secure access service edge) model enables this transformation by leveraging the power of the public cloud to simultaneously improve security and user experience. A well architected SASE approach can help organizations accelerate their digital journey by consistently applying zero trust policies for all users, applications and devices, no matter where they may be located.
The Oceanaire Houston- 5061 Westheimer Rd, Houston, TX
Tuesday, January 31st, 2023
Tom Field with Chad Skipper
In-Person Roundtable
Lateral Movement: The New Cyber Battleground
Discussion topics will include:
Enterprises face an unprecedented level of threat and complexity as they operate in today’s multi-cloud and digital world. Consequently, the stakes in security continue to rise, and lateral security has become the new battleground.
"If you can’t see it, you can't protect it" is the new mantra, and it is the foundation for this roundtable discussion. What are the advanced threats preying upon organizations' blind spots, and how are security leaders overcoming their defensive gaps to detect and defend against...
Achieving the Benefits of Converged Endpoint Management
Discussion topics will include:
Managing endpoint risk and compliance is more challenging today than ever before. Today’s CISOs have to manage risk from many thousands of globally distributed, heterogeneous assets, while also responding to ever increasing audit scrutiny and regulatory compliance requirements.
Discussion topics will include: Identify & remediate risks that create the greatest exposure; Assess & measure unknown vulnerabilities; Maximize IT budgets and staffing during economic uncertainty; Enhance existing investment in strategic technology vendors
Learn how converged endpoint management provides an effective, expedient...
OT Security: Adapting to Evolving Threat and Business Landscapes
Discussion topics will include:
Through accelerated digital transformation and hybrid work, our critical infrastructure is at risk like never before. And while attacks impacting cyber-physical systems long have been a growing concern, they are now more likely than ever.
Many of these legacy systems were not designed to co-exist seamlessly in a connected environment. And it will take years before a new generation of connected assets emerges with more natively integrated security processes. In the meantime, how do we introduce cybersecurity capabilities that are...
Achieving the Benefits of Converged Endpoint Management
Discussion topics will include:
Managing endpoint risk and compliance is more challenging today than ever before. Today’s CISOs have to manage risk from many thousands of globally distributed, heterogeneous assets, while also responding to ever increasing audit scrutiny and regulatory compliance requirements.
Join this session, Achieving the Benefits of Converged Endpoint Management
Discussion topics will include: Identify & remediate risks that create the greatest exposure; Report results to the board (do they understand the metrics that are being reported?); Assess & measure the cost...
Cyber Recovery: The Best Defense Against Paying Ransomware
Discussion topics will include:
Ransomware attacks are becoming inevitable as bad actors exploit the weakest link of cyber defense - humans. The goal of cyber resilience is to transform business expectations and guarantee that businesses face a less-than-significant impact from a cyberattack. After all, it is not only about how to protect and detect but also remediate and recover. The recovery process needs to ensure not only a quick recovery but also a quicker return to business. For a faster recovery environment, malware is...
The nature of work has changed. Organizations now embrace a more mobile-centric, collaborative and productive workplace. The shift to supporting a remote-first work style was sudden for many, as they reacted to the global pandemic, but there are indications that businesses have made these changes permanent. The challenge now: Choose which modern technologies, practices and processes can best support and secure this new way of working.
Join this session, Securing a Hybrid, Mobile-First Workplace, to learn more about how to...
Achieving Operational Resilience in The Financial Sector
Discussion topics will include:
How can we ensure that critical systems are reliable, secure and performant in the long term? As a result of increased regulation, financial services executives need to address the task of building operational resilience across data and organisational silos.
Join this discussion on ‘Achieving Operational Resilience in Financial Services’, where we will address the importance of using data effectively to improve resilience. We will introduce the building blocks for creating a holistic monitoring approach that aligns with the regulators’ requirements,...
OT Security: Adapting to Evolving Threat and Business Landscapes
Discussion topics will include:
Through accelerated digital transformation and hybrid work, our critical infrastructure is at risk like never before. And while attacks impacting cyber-physical systems long have been a growing concern, they are now more likely than ever.
Many of these legacy systems were not designed to co-exist seamlessly in a connected environment. And it will take years before a new generation of connected assets emerges with more natively integrated security processes. In the meantime, how do we introduce cybersecurity capabilities that are...
The problems are staring at you: A broader potential attack surface than you've ever had before; more alerts than your systems and staff can monitor, never mind act upon; and recruiting & retaining SOC analysts is harder than ever.
But knowing you need to modernize your SOC is one thing; doing it is quite another. How do you upgrade without a complete rip and replace? How do you gain not just the visibility you need across disparate environments, but context...
New Age Security Challenges for Cloud-Native Applications
Discussion topics will include:
Nearly 70% of organizations host more than half their workloads in the cloud, up from 31% in 2020. Cloud is the future. As migration to the cloud continues, organizations struggle with application development security. With organizations adopting a cloud-native approach to application development, the need of the hour is to rethink one’s cloud security strategy. Implementing these approaches, however, poses challenges. Aside from organization-wide buy-in, how does one efficiently integrate these applications into workflows and toolsets that are already in...
Last June, Cloudflare detected what at the time was the largest distributed denial of service attack on record - 26 million requests per second. Since then, that record has been crushed, and adversaries continue to leverage DDoS attacks for distraction, destruction and as companions to ransomware campaigns.
What are the top trends in both application-layer and network-layer DDoS attacks? What are the ransom attack trends? What are the five critical considerations for mitigating modern DDoS attacks?
Being prepared to respond to today's security incidents means acquiring and maintaining both the tools and the expertise to successfully detect attacks and stop them before serious damage is done. However, with the diversity and complexity of threats on the rise, security teams find themselves drowning in data and overwhelmed by the immense volume of alerts, many of them false positives.
With a shortage of 4 million cybersecurity workers globally and 75% of SMBs saying they lack the personnel to...
Addressing ever advancing threats with Extended Detection and Response
Discussion topics will include:
Cyberthreats continue to proliferate, with advanced attackers exploiting zero days and novel methods of monetization, while ‘conventional’ attacks have been commoditized or made available ‘as a service’. Meanwhile the attack surface is expanding exponentially through cloud adoption, apps, IoT, IIoT, working from home, and digitization, with the resultant demand from users for access to everything from everywhere via any device.
Even the plethora of new tools introduced to tackle these new threats can create their own problems, including increasing...
Financial Services: Can Compliance and Security Become an Asset for DevOps?
Discussion topics will include:
According to this year's CloudBees global security survey, security measures throughout the DevOps chain have a significant impact on both software delivery and the overall developer experience. More specifically, executives believe that security (75%) and compliance (76%) requirements hinder innovation. Detecting problems at an early stage and resolving them before they slow down the process or reach production...
Achieving Visibility of Applications and APIs in a Multicloud World
Discussion topics will include:
The rapid adoption of hybrid cloud and multicloud services, along with an increasing number of cloud infrastructure and platform services, has created an explosion in complexity and concerns about data security and cloud compliance. It only takes one insecure API in your API supply chain to risk being crippled by long-term financial or reputational damages.
In this executive roundtable we shall discuss best practices to keep your multicloud environments and APIs both secure and performant while empowering your organization to...
Efficient Cloud Migration for Cloud-Native Business
Discussion topics will include:
Digitization is a driving priority for business leaders across industries and sectors. The need for greater agility and faster innovations has made cloud infrastructure an attractive option to fulfil the digital transformation agenda. However, during this transition, CIOs and tech leaders confront plenty of issues pertaining to migration, post-migration and modernization, which, if not handled well, can increase time, risk and costs.
CIO.inc, in partnership with Sify Technologies, solicits your presence for an exclusive roundtable discussion at the India Cloud...
Answering The Big Questions About SASE and Zero Trust
Discussion topics will include:
Digital business, cloud adoption and a hybrid workforce require security and networking approaches to transform in order to accelerate business growth. The SASE (secure access service edge) model enables this transformation by leveraging the power of the public cloud to simultaneously improve security and user experience. A well architected SASE approach can help organizations accelerate their digital journey by consistently applying zero trust policies for all users, applications and devices, no matter where they may be located.
Efficient Cloud Migration for Cloud-Native Business
Discussion topics will include:
Digitization is a driving priority for business leaders across industries and sectors. The need for greater agility and faster innovations has made cloud infrastructure an attractive option to fulfil the digital transformation agenda. However, during this transition, CIOs and tech leaders confront plenty of issues pertaining to migration, post-migration and modernization, which, if not handled well, can increase time, risk and costs.
CIO.inc, in partnership with Sify Technologies, solicits your presence for an exclusive roundtable discussion at the India Cloud...
The Challenges of Digital Trust in Business Transformation
Discussion topics will include:
Digital transformation has created a wealth of opportunities and challenges: cloud migration, smart devices, automation, IT/OT-IoT convergence, and third-party infrastructure integration.
But it has also brought with it vulnerabilities inherent in legacy technology, the disconnect of OT, an enlarged attack surface and increased attention from threat actors and criminal adversaries who seek to disrupt operations or steal intellectual property.
Today's CISOs need to focus on these accelerated challenges in the hyperconnected ecosystem, meaning: a connected workforce, connected customers, connected supply...
Cloud Security in a Hybrid or Multi-Cloud Environment
Discussion topics will include:
With the massive adoption of the cloud, security is struggling to keep pace. Lack of end-to-end visibility across data and applications has hampered the effective detection of attacks. Security practitioners are looking for an effective cloud strategy. While cloud workload protection platform and cloud security posture management solutions are used as standards, the need is for a single platform that provides greater visibility across distributed environments. A multi-cloud security approach needs an understanding of the baseline of what is being...
Efficient Cloud Migration for Cloud-Native Business
Discussion topics will include:
Digitization is a driving priority for business leaders across industries and sectors. The need for greater agility and faster innovations has made cloud infrastructure an attractive option to fulfil the digital transformation agenda. However, during this transition, CIOs and tech leaders confront plenty of issues pertaining to migration, post-migration and modernization, which, if not handled well, can increase time, risk and costs.
CIO.inc, in partnership with Sify Technologies, solicits your presence for an exclusive roundtable discussion at the India Cloud...
According to this year's CloudBees Global C-Suite Security Survey, the drive to shift left is having a significant impact on both delivering software and the developer experience overall. Specifically, executives believe that security (75%) and compliance (76%) requirements hinder innovation. Catching problems early and fixing them before they slow the process or get into production is still the ultimate goal of shift left. However, a new approach and mindset are required to deliver on the promise.
Government: Building Cyber Defense During Digital Transformation
Discussion topics will include:
Public sector agencies are undergoing a massive digital transformation, which is now imperative, thanks to the massive shift to remote work. Furthermore, Biden's executive order (EO), signed last May, mandated Zero Trust adoption across the government and recognized the importance of logging, log retention and management, cloud adoption, cyber best practices, software supply chain integrity, and information sharing.
One year later, what progress have we made, and what are the biggest opportunities for improvement? And how can federal agencies stay...
As companies adopt mobile and cloud technologies, perimeter security becomes increasingly difficult to enforce. The need of the hour is to shift access controls from the network perimeter to individual users. Companies have understood that there can no longer be an inherent mutual trust between services and there needs to be a consistent security policy enforcement across services. Is the zero trust framework the answer to this? If yes, how does one go about it?
Software Security: The Call for Developer-Centric Threat Modeling
Discussion topics will include:
You've got the largest potential attack surface in history, and your business-critical applications represent both your greatest opportunities and greatest threats. Application security has never been more urgent.
But how are you currently addressing the need to accelerate application development/deployment with cybersecurity and compliance needs? What are you doing to release secure software faster? What are your current threat modeling practices, and how can they be enhanced?
Register for this executive roundtable, Software Security: The Call for Developer-Centric Threat Modeling,...
An Integrated Approach to Embedding Security into DevOps to Establish a Secure Software Development
Discussion topics will include:
When done correctly, most security practitioners say that DevSecOps can transform how businesses can develop and deploy applications securely at a faster pace. However, most organizations still struggle to put it into practice. As businesses progress with agile development processes, cloud, and DevOps, security needs to integrate with the DevOps process to ensure responsibility is shared and protection is built-in to establish a secure application life-cycle. The key is understanding how developers and security teams can move towards a DevSecOps...
Complexity is the Enemy: How to Simplify Cybersecurity
Discussion topics will include:
The longer you have been doing security, the more complex your environment may be. You are not alone if you struggle with existing point products operating in isolation, on premise solutions that can't operate in the cloud, or siloed security operations and views. There are likely gaps in your security posture, and remote users may have a poor experience. And as attack surfaces - both on premise and in the cloud - only continue to grow, there are just too...
Advancing Threat Intel to Learn the Adversary's Next Move
Discussion topics will include:
As cybercriminals continue to target organizations with ransomware, API and DDoS attacks, security professionals are under constant pressure to become highly competent not just in threat prevention, but in detection and response. However they often struggle to understand threats and translate them into actionable countermeasures.
High quality defensive knowledge is scarce, and adversaries continue to take advantage of weak points including misconfigured defenses, poor security architectures, and excessive privileges, further reducing the value of investment in security solutions.
SASE Framework: Making the Case for Managed Services
Discussion topics will include:
Software-Defined Wide Area Networking (SD-WAN) and Secure Service Edge (SSE) are two of the major technology trends to emerge from accelerated digital transformation, and they have helped enterprises respond to the new security challenges posed by hybrid work and cloud applications by deploying a Secure Access Service Edge (SASE) framework.
According to Sophos, 54% of companies say their IT departments are not sophisticated enough to handle advanced cyberattacks. And according to IDC, the driving reasons are lack of in-house skills...
How Malware Helps Bad Actors Get Away with Online Fraud (and What Enterprises Can Do About It)
Discussion topics will include:
Despite your team’s best efforts to defend against cyberattacks, organizations often lack visibility into when employees and consumers fall victim to the most nefarious type of attack - malware infections. Malware-stolen data is highly valuable to bad actors and is a gateway for them to commit fraud and infiltrate corporate networks.
When your users are affected by malware, it’s too late. Once a botnet is installed (like the infamous RedLine Stealer), cybercriminals have already started to siphon critical information such...
Modern Steak on Stephen Avenue - Calgary, AB, Canada
Tuesday, November 1st, 2022
Bob Reny with Tom Field
In Person Roundtable
The Future of SIEM: Automate and Accelerate Security at Cloud-Scale
Discussion topics will include:
Cybersecurity teams struggle to keep up with a high volume of alerts with real threats buried in a sea of noise. More, with today's breaches rooted in compromised credentials, it is difficult for defenders to know what is abnormal when everything appears normal. Without a holistic view of an incident and automation to speed investigations, it is difficult to identify, investigate and respond to threats quickly, consistently and accurately. If today’s SIEMs aren’t keeping up, what does the future hold?...
Attack Intelligence: How to Operationalize Timely, Relevant, Actionable Info
Discussion topics will include:
Attack intelligence. Beyond traditional threat intel, it draws on threat detection, visibility and collaboration to deliver information that is at once timely, relevant and actionable. As opposed to traditional threat intel, which describes what could happen to your organization, industry or supply chain, attack intelligence shows what is happening.
But how does one create and receive attack intelligence? How is it different from traditional information sharing? And how do today's most significant cybersecurity threats create a greater need for attack...
Mancuso's Restaurant- 201 E. Washington Street, Phoenix, AZ
Tuesday, October 25th, 2022
Eric Hyman with Tom Field
In-Person Roundtable
SASE Framework: Making the Case for Managed Services
Discussion topics will include:
Software-Defined Wide Area Networking (SD-WAN) and Secure Service Edge (SSE) are two of the major technology trends to emerge from accelerated digital transformation, and they have helped enterprises respond to the new security challenges posed by hybrid work and cloud applications by deploying a Secure Access Service Edge (SASE) framework.
According to Sophos, 54% of companies say their IT departments are not sophisticated enough to handle advanced cyberattacks. And according to IDC, the driving reasons are lack of in-house skills...
The problems are staring at you: A broader potential attack surface than you've ever had before; more alerts than your systems and staff can monitor, never mind act upon; and recruiting & retaining SOC analysts are harder than ever.
But knowing you need to modernize your SOC is one thing; doing it is quite another. How do you upgrade without a complete rip and replace? How do you gain not just the visibility you need across disparate environments, but context...
OT Security: Adapting to Evolving Threat and Business Landscapes
Discussion topics will include:
Through accelerated digital transformation and hybrid work, our critical infrastructure is at risk like never before. And while attacks impacting cyber-physical systems long have been a growing concern, they are now more likely than ever.
Many of these legacy systems were not designed to co-exist seamlessly in a connected environment. And it will take years before a new generation of connected assets emerges with more natively integrated security processes. In the meantime, how do we introduce cybersecurity capabilities that are...
Last June, Cloudflare detected what at the time was the largest distributed denial of service attack on record - 26 million requests per second. Since then, that record has been crushed, and adversaries continue to leverage DDoS attacks for distraction, destruction and as companions to ransomware campaigns.
What are the top trends in both application-layer and network-layer DDoS attacks? What are the ransom attack trends? What are the five critical considerations for mitigating modern DDoS attacks?
Attack Intelligence: How to Operationalize Timely, Relevant, Actionable Info
Discussion topics will include:
Attack intelligence. Beyond traditional threat intel, it draws on threat detection, visibility and collaboration to deliver information that is at once timely, relevant and actionable. As opposed to traditional threat intel, which describes what could happen to your organization, industry or supply chain, attack intelligence shows what is happening.
But how does one create and receive attack intelligence? How is it different from traditional information sharing? And how do today's most significant cybersecurity threats create a greater need for attack...
Better Understanding Cloud Security Risks Through ‘Context’
Discussion topics will include:
In just a few years, cloud conversations have gone from theoretical to critical. And with migrations to the cloud ongoing, many enterprises have had to rethink their security approach. In these environments, some practitioners are charged with expending resources to mitigate “high-severity” CVEs – regardless of how a vulnerability may interact with that IT environment. This risk may pale in comparison, for example, to a malware occurrence at the edge that goes unchecked.
Zero Trust approach to securing cloud native applications
Discussion topics will include:
With enterprises developing applications at lightning speed, enterprises are able to meet business and customer needs at a rapid pace. This has increased the challenges for developers who now need to work together with the security team to ensure cloud-native applications are protected from attacks. However, traditional security controls don't provide the security needed to protect cloud platforms.
From code changes that have not been tested but slip through to production, to zero-day attacks, runtime applications will continue to require...
Cybersecurity and Cyber Insurance Essentials for Retailers in the Ransomware Era
Discussion topics will include:
Ransomware continues to pummel organizations, with the retail sector now being the most-targeted vertical. So it's no surprise retailers are increasingly embracing practices and approaches to help them better lock down networks and payment systems, and to minimize the impact of a successful attack.
Cyber insurance is also part of many retailers' risk-mitigation strategy. But the ongoing success of ransomware as a criminal business model has led to a surge in premiums and insurers demanding more robust defenses from prospective...
Software Security: The Call for Developer-Centric Threat Modeling
Discussion topics will include:
You've got the largest potential attack surface in history, and your business-critical applications represent both your greatest opportunities and greatest threats. Application security has never been more urgent.
But how are you currently addressing the need to accelerate application development/deployment with cybersecurity and compliance needs? What are you doing to release secure software faster? What are your current threat modeling practices, and how can they be enhanced?
Register for this executive roundtable, Software Security: The Call for Developer-Centric Threat Modeling,...
How to Quantify Cybersecurity Exposure as Business Risk
Discussion topics will include:
How can CISOs best quantify the cybersecurity risks facing their organisation? Increasingly, business leaders are calling on them to express this not in terms of technical risk, but risk to the business. Such knowledge is crucial for better guiding cybersecurity investments and understanding their return on investment (ROI).
Accordingly, how can CISOs best identify and continually track the actual threats facing their organisation? How should they identify and prioritize the attack scenarios — perhaps including data leakage, or a ransomware outbreak...
How to Quantify Cybersecurity Threats in Terms of Business Risk?
Discussion topics will include:
How can CISOs best quantify the cybersecurity risks facing their organization? Increasingly, business leaders ask them to express this risk not in technical terms but as business risk. This knowledge is essential for better guiding cybersecurity investments and considering their return on investment (ROI).
How, then, can CISOs identify and continually track the real threats facing...
SASE Framework: Making the Case for Managed Services
Discussion topics will include:
Software-Defined Wide Area Networking (SD-WAN) and Secure Service Edge (SSE) are two of the major technology trends to emerge from accelerated digital transformation, and they have helped enterprises respond to the new security challenges posed by hybrid work and cloud applications by deploying a Secure Access Service Edge (SASE) framework.
According to Sophos, 54% of companies say their IT departments are not sophisticated enough to handle advanced cyberattacks. And according to IDC, the driving reasons are lack of in-house skills...
OT Security: Adapting to Evolving Threat and Business Landscapes
Discussion topics will include:
Through accelerated digital transformation and hybrid work, our critical infrastructure is at risk like never before. And while attacks impacting cyber-physical systems long have been a growing concern, they are now more likely than ever.
Many of these legacy systems were not designed to co-exist seamlessly in a connected environment. And it will take years before a new generation of connected assets emerges with more natively integrated security processes. In the meantime, how do we introduce cybersecurity capabilities that are...
Security operations teams are reaching their breaking point, and new strategies are needed.
According to a new research study by Enterprise Strategy Group, 60% of security professionals surveyed say alert triage is challenging or overwhelming, and 89% of all surveyed security decision makers feel their organization needs a transformational or moderate amount of change in its SOC to mitigate business threats.
But what does modernization actually mean? How can security leaders help their teams to better understand their threat coverage,...
In efforts to stay agile and reinvent their relationship with customers, some retailers have decentralized their activities and become more composable. This new architecture allows developers to access all APIs, which enables agility and flexibility in the face of digital disruption.
The problem is that this has created new vulnerabilities and vectors for the attackers to exploit. Whether defending against DDoS or bot attacks, securing APIs or OWASP vulnerabilities, security teams need to be able to detect and remediate incidents...
Fraud and Artificial Intelligence: Is Your Company Ready to Counter the New Generation of Financial Crimes?
Discussion topics will include:
Cybercriminals are increasingly using artificial intelligence to devise ever more effective financial fraud. Using bots and automated scripts, they can scan the internet for compromised credentials, steal digital identities and cause irreversible damage (let anyone who does not suffer when tallying the chargebacks at the end of a month cast the first stone). Is your company ready to deal with this new generation of fraudsters?
Massive exploits such as the recent Log4j/Log4shell vulnerability are a sign that best practices are still evolving, and the risk of mismanaging, or worse, ignoring open source vulnerabilities, is only becoming greater. It’s time to kick up the gear on open source and software supply chain management conversations.
Join us for an engaging, roundtable conversation on what we need to know about managing open source and software supply chains.
Register for this executive roundtable, Mitigating Software Supply Chain Risk, to...
Breaches happen, and 2021 was a record-breaking year for them. According to Identity Theft Resource Center research, there were 1,291 breaches publicly reported as of Sept. 2021, compared to 1,108 breaches in 2020. That’s a 17% year-over-year increase. Meanwhile, millions are spent on security operations centers that aren’t stopping the breaches.
Why are SOC and security teams way too limited by legacy SIEM? How can machine learning-driven analytics and automation technologies provide unmatched threat detection, investigation, and response capabilities?
To take your detection and response to the next level, you need to establish where you are in your maturity model, benchmark that against your peers, and identify the next steps that need to be taken. Four key considerations in this process are: visibility, automation, alert handling and threat hunting.
To reduce complexity and relieve the burden of false positives, it’s essential to deploy automated detection and response that can learn from analysts and autonomously respond to day-to-day alert handling....
Financial Services: Securing Applications and APIs in Multicloud Environments
Discussion topics will include:
The rapid adoption of hybrid cloud and multicloud services, along with an increasing number of cloud infrastructure and platform services, has created an explosion in complexity and concerns about data security and cloud compliance. It only takes one insecure API in your API supply chain to risk being crippled by long-term financial or reputational damages.
In this executive roundtable we shall discuss best practices to keep your multicloud environments and APIs both secure and performant while empowering your organization to...
According to a 2021 survey, over 50% of organizations use over 25 systems to manage identities, and 21% use over 100. Despite such preventative measures, a user falls victim to identity theft every two seconds. With cloud permeating the boundaries of the enterprise, the surface for compromised or stolen credentials of privileged users and applications has exploded. Zero trust - a vital architectural shift in security - fills the gap left by old perimeter-based, defense-in-depth models. Gartner predicts that while...
Software Supply Chain: Threats and Strategies to Reduce Risk
Discussion topics will include:
The 2021 executive order on cybersecurity and recent high-profile incidents including SolarWinds and Log4Shell highlight the fact that an organization's software supply chain must not be overlooked by enterprise security teams. Supply chain risks have emerged in recent years in parallel with fundamental changes in how we develop and consume software.
Over the last decade or so, digital transformation and the need for fast time-to-market have driven new software development practices including agile methodologies, DevOps processes, and the broad use...
Ruth's Chris Steakhouse Manhattan- 148 West 51st Street, New York, NY
Thursday, September 15th, 2022
Tom Field with Fawaz Rasheed
In-Person Roundtable
How to Modernize Your SOC (Without Blowing it Up)
Discussion topics will include:
The problems are staring at you: A broader potential attack surface than you've ever had before; more alerts than your systems and staff can monitor, never mind act upon; and recruiting & retaining SOC analysts are harder than ever.
But knowing you need to modernize your SOC is one thing; doing it is quite another. How do you upgrade without a complete rip and replace? How do you gain not just the visibility you need across disparate environments, but context...
Massive exploits such as the recent Log4j/Log4shell vulnerability are a sign that open source software best practices are still evolving. Furthermore, the risk of mismanaging — or worse, ignoring — open source vulnerabilities is only becoming greater.
With the robust use of open source software and software supply chains here to stay, this executive roundtable addresses how you can manage the risks they pose - focusing in on the Oiltanking GmbH cyber-attack.
Attendees will discuss how to proactively protect enterprise...
Software Risks: Best Practices for True Resilience
Discussion topics will include:
The recent SolarWinds and Log4j/Log4shell vulnerabilities have further heightened the risks of mismanaging, or worse, ignoring open source software vulnerabilities. It is time to shift into a higher gear in conversations about open source and software supply chain management.
Join us for an engaging conversation over lunch in Paris, among senior IT executives, on best practices for managing open source and software supply chains.
Steps to Reducing Ransomware Risk in a Cloud-First World
Discussion topics will include:
In 2021, a debilitating ransomware attack on Colonial Pipeline's IT systems caused both a physical response – the shutdown of the pipeline – and a hefty financial one, with the company paying more than $4 million ransom to restore data. After other high-profile attacks and a whole-of-government emphasis on mitigation in the U.S., it became apparent that ransomware is indeed a national security concern that can cut through every area of an enterprise.
Building Customer Relationships Through Secure E-Commerce
Discussion topics will include:
Transacting online is key to driving new and recurring business, but the security risks are ever present. Those risks can translate into problems with customer acquisition and, subsequently, retention. Customers will move to competitors with systems that have less friction. Sources of risk abound. Bots use stolen credentials to try to log into existing accounts. Screen-scraping bots steal content, pricing information and more, undermining an organisation’s web offerings. Fraudulent traffic and bad traffic can undermine a site’s performance and reputation....
The problems are staring at you: A broader potential attack surface than you've ever had before; more alerts than your systems and staff can monitor, never mind act upon; and recruiting & retaining SOC analysts are harder than ever.
But knowing you need to modernize your SOC is one thing; doing it is quite another. How do you upgrade without a complete rip and replace? How do you gain not just the visibility you need across disparate environments, but context...
As companies adopt mobile and cloud technologies, perimeter security becomes increasingly difficult to enforce. The need of the hour is to shift access controls from the network perimeter to individual users. Companies have understood that there can no longer be an inherent mutual trust between services and there needs to be a consistent security policy enforcement across services. Is the zero trust framework the answer to this? If yes, how does one go about it?
Email Security: Changing the Game Against Game-Changing Attacks?
Discussion topics will include:
Phishing. Business email compromise. Executive impersonation. Ransomware. Today's email-borne threats are sophisticated, targeted and come at a relentless scale. There’s little denying that they are game-changing.
But can you say the same about your email defenses? Is email security the priority it should be for your enterprise, or are you trying to counter 2022 attacks with 2012 defenses? How do you hope to upgrade your defenses, and what will it take to obtain the resources you need?
The problems are staring at you: A broader potential attack surface than you've ever had before; more alerts than your systems and staff can monitor, never mind act upon; and recruiting & retaining SOC analysts are harder than ever.
But knowing you need to modernize your SOC is one thing; doing it is quite another. How do you upgrade without a complete rip and replace? How do you gain not just the visibility you need across disparate environments, but context...
Why Automation is Essential to Prevent Cyber Attacks
Discussion topics will include:
With cyberattacks on the rise and fears of international escalation in cyberspace, security teams are actively working to bolster defense. But with the prevalence of security rising, the gulf between today's workforce and its needs is vast. This leaves CISOs under-resourced and analysts in the SOC spread thin. Enter "Security Orchestration, Automation, and Response," or SOAR, tools.
Without automated tools to centralize event data and improve incident response, tasks delegated to "humans" can get tedious and overwhelming – causing a...
Sweden’s NATO Application: Impact on Supply Chain Risk and Resilience
Discussion topics will include:
Massive exploits such as the recent Log4j/Log4shell vulnerability are a sign that open source software best practices are still evolving. Furthermore, the risk of mismanaging — or worse, ignoring — open source vulnerabilities is only becoming greater.
As the robust use of open source software and software supply chains remains here to stay, this executive roundtable addresses how you can deal with the risks they pose, while ensuring both remain safe to use.
Measuring the Maturity of Your Cloud Security Program
Discussion topics will include:
Amidst the accelerated digital transformation of the past two years, enterprises across sectors have gone from dipping their toes in the cloud to being fully immersed in multi-cloud environments. At the same time, they've encountered the reality: Security in the cloud is a different animal, and it requires unique skills.
What does cloud security maturity look like? Where is your organization on the road to maturity? How do you measure progress - and gain access to the right talent?
Cloud Done Right: Cost-Effective, Agile Architecture for Speed and Scale
Discussion topics will include:
Whether you’re developing cloud-native workloads or doing a lift and shift of the existing applications, there are many considerations before making a decisive move. Concerns for reliability, efficiency, agility, and operational excellence are topmost as they directly impact the business. To tackle this, technology organizations need a platform that leverages automation and intelligence, and offers observability, automation, and intelligence for better context and actionable insights.
DynamicCIO (an ISMG initiative) and Dynatrace-AWS invite you for an exclusive executive roundtable discussion on...
If you thought 2021 was the year of the software supply chain, just wait until you see what unfolds in 2022.
Massive exploits such as the recent Log4j/Log4shell vulnerability are a sign that best practices are still evolving, and the risk of mismanaging, or worse, ignoring open source vulnerabilities, is only becoming greater. And with even the President of the U.S. calling out the need for software bills of materials, it’s time to kick up the gear on open source...
Advancing Threat Intel to Learn the Adversary's Next Move
Discussion topics will include:
As cybercriminals continue to target organizations with ransomware, API and DDoS attacks, security professionals are under constant pressure to become highly competent not just in threat prevention, but in detection and response. However they often struggle to understand threats and translate them into actionable countermeasures.
High quality defensive knowledge is scarce, and adversaries continue to take advantage of weak points including misconfigured defenses, poor security architectures, and excessive privileges, further reducing the value of investment in security solutions.
Steps to Reducing Ransomware Risk in a Cloud-First World
Discussion topics will include:
In 2021, a debilitating ransomware attack on Colonial Pipeline's IT systems caused both a physical response – the shutdown of the pipeline – and a hefty financial one, with the company paying more than $4 million ransom to restore data. After other high-profile attacks and a whole-of-government emphasis on mitigation in the U.S., it became apparent that ransomware is indeed a national security concern that can cut through every area of an enterprise.
With an increasing digital footprint and sophisticated cyber adversaries, enterprises require extraordinary efforts to enhance their SOC capabilities to overcome alert fatigue, siloed functions, skills shortage, and improve 360-degree visibility. Security operations need to transform into an innate and proactive defense mechanism to withstand the surge in disruptive cyberattacks. On one hand, the CISOs and CIOs need to declutter and simplify their security operations, and on the other, they need to hyperautomate the mechanisms to ingest the right datasets to...
The Executive Order on Improving the Nation’s Cybersecurity was groundbreaking. Signed last May, it mandated Zero Trust adoption across the government and recognized the importance of cloud adoption, cyber best practices, software supply chain integrity, and high-quality code.
Following several deadlines to date - in NIST defining critical software, the NTIA outlining minimum SBOM standards and more - agencies continue to move away from outdated security practices and toward new standards to, in turn, reduce vulnerabilities, boost cyber resilience, and...
Ocean Prime- 2101 Cedar Springs Rd, Dallas TX 75201
Thursday, August 11th, 2022
Tom Field with Chip Witt
In-Person Roundtable
How Malware Helps Bad Actors Get Away with Online Fraud (and What Enterprises Can Do About It)
Discussion topics will include:
Despite your team’s best efforts to defend against cyberattacks, organizations often lack visibility into when employees and consumers fall victim to the most nefarious type of attack - malware infections. Malware-stolen data is highly valuable to bad actors and is a gateway for them to commit fraud and infiltrate corporate networks.
When your users are affected by malware, it’s too late. Once a botnet is installed (like the infamous RedLine Stealer), cybercriminals have already started to siphon critical information such...
Accelerate Your Cloud Migration Strategy to Modernize Applications
Discussion topics will include:
The interest in multi-cloud adoption has shown an upward trend as C-level executives take deployment decisions. To stay competitive, companies are now modernizing applications across the board.
While multi-cloud architecture has become the new reality of corporate IT, it presents a new set of challenges to achieve the agility and scalability needed to keep up with the pace of digital transformation.
However, the move to multi-cloud environments has made it challenging for enterprises to optimize infrastructure performance and resource consumption....
The problems are staring at you: A broader potential attack surface than you've ever had before; more alerts than your systems and staff can monitor, never mind act upon; and recruiting & retaining SOC analysts are harder than ever. But knowing you need to modernize your SOC is one thing; doing it is quite another. How do you upgrade without a complete rip and replace? How do you gain not just the visibility you need across disparate environments, but context...
Retail scams, business email compromise, supply chain impersonation, and money mule recruitment campaigns are just a few of the types of brand exploitation attacks targeting businesses with an online presence.
Frost & Sullivan’s Global State of Online Digital Trust reports that 78% of consumers indicate that it’s crucial that their personal information be protected online, and 48% have stopped using an online service when it’s subject to a breach. How are you protecting your brand from sophisticated social engineering techniques?...
Fraud and Artificial Intelligence: Is Your Company Ready to Fight Back Against the New Generation of Financial Crimes?
Discussion topics will include:
Cybercriminals are making growing use of artificial intelligence to devise ever more efficient financial fraud. Using bots and automated scripts, they can scan the internet for compromised credentials, steal digital identities and cause irreversible damage (let whoever does not suffer when tallying the chargebacks at the end of a month cast the first stone). Is your company ready to deal with this new generation of fraudsters?
The problems are staring at you: A broader potential attack surface than you've ever had before; more alerts than your systems and staff can monitor, never mind act upon; and recruiting & retaining SOC analysts are harder than ever.
But knowing you need to modernize your SOC is one thing; doing it is quite another. How do you upgrade without a complete rip and replace? How do you gain not just the visibility you need across disparate environments, but context...
Deception for crime or warfare is an established tactic used by attackers, probably as old as humanity. Even in today’s online world, fake and stolen identity are primary routes for attackers to gain unauthorized access to an organization's digital assets, networks, or systems. In fact a recent report found that 79% of organizations have experienced an identity-related security breach in the last two years.
Reliably establishing and authenticating the identities of those we choose to trust online enables us to...
Email Security: Changing the Game Against Game-Changing Attacks?
Discussion topics will include:
Phishing. Business email compromise. Executive impersonation. Ransomware. Today's email-borne threats are sophisticated, targeted and come at a relentless scale. There’s little denying that they are game-changing.
But can you say the same about your email defenses? Is email security the priority it should be for your enterprise, or are you trying to counter 2022 attacks with 2012 defenses? How do you hope to upgrade your defenses, and what will it take to obtain the resources you need?
Security operations teams are reaching their breaking point, and new strategies are needed.
According to a new research study by Enterprise Strategy Group, 60% of security professionals surveyed say alert triage is challenging or overwhelming, and 89% of all surveyed security decision makers feel their organization needs a transformational or moderate amount of change in its SOC to mitigate business threats.
But what does modernization actually mean? How can security leaders help their teams to better understand their threat coverage,...
Steps to Reducing Ransomware Risk in a Cloud-First World
Discussion topics will include:
In 2021, a debilitating ransomware attack on Colonial Pipeline's IT systems caused both a physical response – the shutdown of the pipeline – and a hefty financial one, with the company paying more than $4 million ransom to restore data. After other high-profile attacks and a whole-of-government emphasis on mitigation in the U.S., it became apparent that ransomware is indeed a national security concern that can cut through every area of an enterprise.
Better Understanding Cloud Security Risks Through ‘Context’
Discussion topics will include:
In just a few years, cloud conversations have gone from theoretical to critical. And with migrations to the cloud ongoing, many enterprises have had to rethink their security approach. In these environments, some practitioners are charged with expending resources to mitigate “high-severity” CVEs – regardless of how a vulnerability may interact with that IT environment. This risk may pale in comparison, for example, to a malware occurrence at the edge that goes unchecked.
Advancing Threat Intel to Learn the Adversary's Next Move
Discussion topics will include:
As cybercriminals continue to target organizations with ransomware, API and DDoS attacks, security professionals are under constant pressure to become highly competent not just in threat prevention, but in detection and response. However they often struggle to understand threats and translate them into actionable countermeasures.
High quality defensive knowledge is scarce, and adversaries continue to take advantage of weak points including misconfigured defenses, poor security architectures, and excessive privileges, further reducing the value of investment in security solutions.
Managing Risk Outside Your Four Walls: Strategies for Protecting Your External Attack Surface
Discussion topics will include:
Security practitioners are increasingly put to task to address threats and risks occurring outside the traditional four walls of the enterprise. Referred to as a company’s external attack surface, it comprises typosquat domains; fake websites, apps, and ads; counterfeit sales; email compromise; and social media fraud.
And with technology stacks piling high, security teams are increasingly looking for efficient engines that can detect and act against these external activities in real time - including scams propagated through multiple platforms and...
Retail Security in a Time of Digital Transformation
Discussion topics will include:
With scores of active accounts, deep PII and stacks of legacy technology, the retail and hospitality industries remain top targets for cyber criminals. The accelerated digital transformation has also fueled new fraud attempts on point of sale systems, payment card accounts and third-party suppliers.
How has the retail/hospitality attack surface shifted in the past year? What have cybersecurity leaders learned about protecting card transactions and point of sale systems? What supply chain lessons must be learned from the SolarWinds breach?...
Modernising Data Security for Complex Environments
Discussion topics will include:
The rapid adoption of hybrid cloud and multicloud services, along with an increasing number of cloud infrastructure and platform services, has created an explosion in complexity and concerns about data security and cloud compliance.
Common challenges for organizations include a lack of visibility and decentralized governance across multiple environments, a lack of internal consensus about how cloud compliance should be handled, and the inability to get real-time, accurate and actionable insights to detect and respond to threats.
Securing Hybrid Work Environments - The Need for a New Approach
Discussion topics will include:
Hybrid work locations are becoming permanent for many organizations. These hybrid models continue to present many challenges. How does one secure the remote workforce with ever increasing successful attacks, an expanding attack surface, and impact? How do you collate ever more security data from scattered endpoints and then harness it for threat detection?
Traditional security solutions will not suffice to do this. Attackers are thinking differently, and so must organizations.
A new generation of cloud-based threat intelligence solutions will be...
Measuring the Maturity of Your Cloud Security Program
Discussion topics will include:
Amidst the accelerated digital transformation of the past two years, enterprises across sectors have gone from dipping their toes in the cloud to being fully immersed in multi-cloud environments. At the same time, they've encountered the reality: Security in the cloud is a different animal, and it requires unique skills.
What does cloud security maturity look like? Where is your organization on the road to maturity? How do you measure progress - and gain access to the right talent?
Are You Prepared for Attack Surface Management v2.0?
Discussion topics will include:
Among the lessons learned from the Log4j zero-day: Your enterprise's attack surface is no longer stopping at your ‘four walls.’ In fact according to a recent survey by Anchore, over half of the companies surveyed were targeted by software supply chain attacks in 2021.
The term "attack surface management" was coined by former Gartner analyst Brad LaPorte in 2019. But in 2022, enterprises need to embrace what LaPorte calls Attack Surface Management v2.0 - where with one well-integrated tool, security...
Fast-Moving Financial Fraud: How Well-Protected is Your Financial Institution?
Discussion topics will include:
With global financial markets at a historical turning point, we’re meeting to address how banks and financial organisations in Germany can stay ahead of state-sponsored cyber gangs, brooding black swan attacks and crypto-jacking fraud.
Whilst ‘traditional’ online banking fraud remains a consistent threat, more advanced social engineering presents the need for banks and critical infrastructure to gain deeper visibility into risk.
This executive discussion will provide insights into the warnings issued by BaFin to address how German banks can prepare...
The problems are staring at you: A broader potential attack surface than you've ever had before; more alerts than your systems and staff can monitor, never mind act upon; and recruiting & retaining SOC analysts are harder than ever.
But knowing you need to modernize your SOC is one thing; doing it is quite another. How do you upgrade without a complete rip and replace? How do you gain not just the visibility you need across disparate environments, but context...
Zero Trust and SASE: Embracing Today's Workforce Security Solutions for the Financial Sector
Discussion topics will include:
Zero Trust and Secure Access Service Edge allow Financial Services enterprises to leave behind the challenges of legacy security approaches, secure their systems and support innovative and competitive ways of working.
But new strategies come with the need for new skills and tools. How is your FinServ organization embracing Zero Trust, cloud migration and SASE against competing priorities? How are you balancing in-house and outsourced resources to manage your transformation? What security gaps are evident as you secure this here-to-stay...
Software Security: How to Prioritize, Measure and Convey it to the Board
Discussion topics will include:
Amidst the shifting threat landscape in the healthcare sector, cloud migration and ongoing digital transformation, software security is often low or even last on the list of priorities for security leaders to address. Yet, with the 2021 presidential executive order on cybersecurity, and as headlines continue to feature high-profile breaches, board members at healthcare organizations - and across all industries - are taking notice. Even though there are often designated technical experts on boards, there is now an increased awareness...
Email Security: Changing the Game Against Game-Changing Attacks?
Discussion topics will include:
Phishing. Business email compromise. Executive impersonation. Ransomware. Today's email-borne threats are sophisticated, targeted and come at a relentless scale. There’s little denying that they are game-changing.
But can you say the same about your email defenses? Is email security the priority it should be for your enterprise, or are you trying to counter 2022 attacks with 2012 defenses? How do you hope to upgrade your defenses, and what will it take to obtain the resources you need?
Practical Steps to Security Management: Accelerating Your Response Mechanism
Discussion topics will include:
As organizations become vulnerable to threats and attacks, the big question is how to accelerate their incident response mechanism by effectively managing their security and controls.
The concerns are justified because the average volume of attacks and breaches has increased rapidly, with the bad guys creating significant business loss, downtime, and the cost of response going up.
The significant challenge for CISOs is to monitor their alerts in real-time and take appropriate action based on defined policies, an effective risk...
With cyberattacks on the rise and fears of international escalation in cyberspace, security teams are actively working to bolster defense. But with the prevalence of security rising, the gulf between today's workforce and its needs is vast. This leaves CISOs under-resourced and analysts in the SOC spread thin. Enter "Security Orchestration, Automation, and Response," or SOAR, tools.
Without automated tools to centralize event data and improve incident response, tasks delegated to "humans" can get tedious and overwhelming – causing a...
Detection and Response: Closing Gaps that Adversaries Exploit
Discussion topics will include:
Adversaries are exploiting organisations faster than ever. The time between an adversary gaining access to a system and launching an attack is now coming down to just minutes. If defence teams miss an alert or an automated defensive response doesn't take place, it could result in an adversary making a successful breach or a ransomware attack.
Security technologies are an alphabet soup. XDR, or extended detection and response, is one of the latest acronyms. But what does XDR mean,...
Synthetic identity fraud, where criminals use a combination of real and fake information to create a fictitious identity and then open counterfeit accounts to make fraudulent purchases, costs banks $6 billion annually and is one of the fastest growing types of financial crime in the U.S., according to the FBI.
Traditional fraud tools that were designed to capture stolen identities do not serve well in solving synthetic identity problems. Unlike stolen identity information, where fraudsters act quickly...
Microsegmentation: Best Practices for Blocking and Containing Breaches in Financial Services
Discussion topics will include:
Running an effective cybersecurity program doesn't just require hoping for the best, but planning for the worst. Despite an organisation's best efforts, attackers nevertheless manage to breach their defenses and steal regulated customer data, unleash crypto-locking malware and more.
Organisations in the financial services sector have been looking to protect their network by reducing the attack surface, containing the impact of an intrusion and stopping lateral movement. The way to achieve these goals is through software-defined microsegmentation.
Deception for crime or warfare is an established tactic used by attackers, probably as old as humanity. Even in today’s online world, fake and stolen identity are primary routes for attackers to gain unauthorized access to an organization's digital assets, networks, or systems. In fact a recent report found that 79% of organizations have experienced an identity-related security breach in the last two years.
Reliably establishing and authenticating the identities of those we choose to trust online enables us to...
Massive exploits such as the recent Log4j/Log4shell vulnerability are a sign that best practices are still evolving, and the risk of mismanaging, or worse, ignoring open source vulnerabilities, is only becoming greater. It’s time to kick up the gear on open source and software supply chain management conversations.
Join us for an engaging, round-table conversation on what we need to know about managing open source and software supply chains in 2022.
Register for this executive roundtable, Software Supply Chains: A...
Whether it's Log4j, SolarWinds or rising geopolitical tensions, anticipating cyber incidents has never been more challenging. The need for security leaders to demonstrate "cyber readiness" to the executive board is now crucial.
A useful tool to follow is the NIST Cybersecurity Framework, but too often security teams prioritize the "identify", "protect", and "detect" functions over "respond" and "recover". Shifting greater focus to response and recovery will not only highlight vulnerabilities to the executive but also help increase funding across all...
Fast-Moving Financial Fraud: How Well-Protected is Your Financial Institution?
Discussion topics will include:
Global financial markets are at a historical turning point. While headlines are talking about Covid-19, crypto-currencies and QE, threat actors are working smarter to execute attacks. You already know the diversity of threats: from state-sponsored cyber gangs, quants in collapsed countries, or brooding black swans, it’s tough to stay protected. But with the coexistence of ‘traditional’ online banking fraud and more advanced social engineering, the need to gain deeper visibility into risk is now greater than before.
Cyber risk governance defines how an organization plans to protect itself from cyber events and threats. Governance describes the process for how to build a cybersecurity program, but doesn’t necessarily inform the effectiveness of your programs and policies. Without uniform performance targets defined in the governance policies, security leaders won’t know if their security controls are performing to their standards or if they’re within the bounds of their risk appetite.
To stay cyber resilient, forward-thinking security leaders need to measure...
Sofitel Hotel | Bandra Kurla Complex, Bandra East, Mumbai
Wednesday, June 22nd, 2022
Geetha Nandikotkur with Murali Urs
In-Person Roundtable
Practical Steps to Security Management: Accelerating Your Response Mechanism
Discussion topics will include:
As organizations become vulnerable to threats and attacks, the big question is how to accelerate their incident response mechanism by effectively managing their security and controls.
The concerns are justified because the average volume of attacks and breaches has increased rapidly, with the bad guys creating significant business loss, downtime, and the cost of response going up.
The significant challenge for CISOs is to monitor their alerts in real-time and take appropriate action based on defined policies, an effective risk...
Software Security: How to Prioritize, Measure and Convey It To the Board
Discussion topics will include:
Amidst the shifting threat landscape, cloud migration and ongoing digital transformation, software security is often low or even last on the list of priorities for security leaders to address.
Yet, with the recent executive order on cybersecurity, and as headlines continue to feature high-profile breaches, board members at organizations across all industries are taking notice. Even though there are often designated technical experts on boards, there is now an increased awareness around cybersecurity – especially software security – even among...
Collective Defense: How to Secure the Finance Sector through Collaboration in Cybersecurity
Discussion topics will include:
When it comes to cybersecurity, financial firms often face limited visibility of unknown cyber threats (especially in today’s new hybrid work environments), insider threats, the ongoing skills shortage, and a high volume of attacks with the financial sector facing the most of any sector. How can the finance sector raise its security posture by collaborating in real time — without any one firm losing its competitive edge? What are the barriers to threat exchange, and how can they be removed...
Incident Response: Are You Prepared for Your Organization's Worst Day?
Discussion topics will include:
It could be ransomware, DDoS, a zero day such as Log4j or a supply chain attack similar to SolarWinds. You know it's not "if," it's "when does the next cyberattack strike?" And how prepared is your organization to respond to what invariably will be its worst day?
So much goes into preparation: What controls do you have in place for detection and response? Do you have the right people in place - and have they been drilled? Do you know...
How Malware Helps Bad Actors Get Away with Online Fraud (and What Enterprises Can Do About It)
Discussion topics will include:
Despite your team’s best efforts to defend against cyberattacks, organizations often lack visibility into when employees and consumers fall victim to the most nefarious type of attack - malware infections. Malware-stolen data is highly valuable to bad actors and is a gateway for them to commit fraud and infiltrate corporate networks.
When your users are affected by malware, it’s too late. Once a botnet is installed (like the infamous RedLine Stealer), cybercriminals have already started to siphon critical information such...
Better Understanding Cloud Security Risks Through ‘Context’
Discussion topics will include:
In just a few years, cloud conversations have gone from theoretical to critical. And with migrations to the cloud ongoing, many enterprises have had to rethink their security approach. In these environments, some practitioners are charged with expending resources to mitigate “high-severity” CVEs – regardless of how a vulnerability may interact with that IT environment. This risk may pale in comparison, for example, to a malware occurrence at the edge that goes unchecked.
Grand Hyatt Singapore, 10 Scotts Rd, Singapore 228211
Thursday, June 16th, 2022
Suparna Goswami with Felix Lam
In-Person Roundtable
Taking a Platform Approach to Reinvent Security for Today's Flexible Workforce
Discussion topics will include:
The transition to hybrid work has brought into sharp focus the challenges of connecting between people, devices, and data that are ever-expanding. Enterprises are looking for consistency for security and quality of experience regardless of an end-user’s location. The key is to simplify security, streamline policy enforcement and increase threat protection by combining multiple functions into a single, cloud-native service. But this needs to be done in a way that enables organisations of all sizes to deliver customer and employee...
Managing Risk Outside Your Four Walls: Strategies for Protecting Your External Attack Surface
Discussion topics will include:
Security practitioners are increasingly put to task to address threats and risks occurring outside the traditional four walls of the enterprise. Referred to as a company’s external attack surface, it comprises typosquat domains; fake websites, apps, and ads; counterfeit sales; email compromise; and social media fraud.
And with technology stacks piling high, security teams are increasingly looking for efficient engines that can detect and act against these external activities in real time - including scams propagated through multiple platforms and...
Zero Trust and SASE: Embracing Today's Workforce Security Solutions for the Financial Sector
Discussion topics will include:
Zero Trust and Secure Access Service Edge allow Financial Services enterprises to leave behind the challenges of legacy security approaches, secure their systems and support innovative and competitive ways of working.
But new strategies come with the need for new skills and tools. How is your FinServ organization embracing Zero Trust, cloud migration and SASE against competing priorities? How are you balancing in-house and outsourced resources to manage your transformation? What security gaps are evident as you secure this here-to-stay...
Credential Stuffing: Balancing a Layered Security Approach with User Experience
Discussion topics will include:
With the concept of super apps gaining acceptance, commerce companies are all set to leverage this new trend in the market. However, with scalability come security issues. Every online business with a login page is a potential target for credential stuffing. Recent studies have shown that most industries have reported credential stuffing as a significant security challenge. But visibility into this kind of attack continues to be a challenge. While a layered security approach is ideal, user experience remains...
JW Marriott Hotel New Delhi Aerocity, Asset Area 4 - Hospitality District Delhi, Aerocity, New Delhi, Delhi 110037
Thursday, June 9th, 2022
Geetha Nandikotkur with Murali Urs
In-Person Roundtable
Practical Steps to Security Management: Accelerating Your Response Mechanism
Discussion topics will include:
As organizations become vulnerable to threats and attacks, the big question is how to accelerate their incident response mechanism by effectively managing their security and controls. The concerns are justified because the average volume of attacks and breaches has increased rapidly, with the bad guys creating significant business loss, downtime, and the cost of response going up.
The significant challenge for CISOs is to monitor their alerts in real-time and take appropriate action based on defined policies, an effective risk...