Two years into accelerated digital transformation, the way you work has changed. But has your security organization evolved at the same pace? Join this exclusive panel for leadership insights on: 

• The new organizational alignment; 
• Shifting from product to project teams; 
• The cultural changes of forcing the team to "shift left."

For years, CISOs have argued the differences between cybersecurity during peacetime and during wartime. Now, with active hostilities in Ukraine, they see the stark differences - and potential repercussions.

This panel of security leaders tackles the questions many organizations are asking, including:

• What's the risk to critical infrastructure outside of Eastern Europe? 
• What might an attack look like? 
• What messages should be conveyed to senior leaders and boards about supply chain risk?

No surprise in the era of digital transformation: Gartner predicts that in 2022, application programming interface attacks will become the most-frequent attack vector. And yet many security professionals do not even know how many APIs they have in their environments - never mind their level of security.

So, what are you doing proactively to protect your environment from API vulnerabilities, design flaws, and misconfigurations? Learn why existing controls are not enough and what you can do to better your security posture.

Enhance your Summit experience by visiting the Sponsors’ Interactive Booths. Chat with Representatives at each Booth, access valuable resources, schedule a demo and more!

Stop by the Expo Hall.

Vendor management is an old topic with new risks. In the post-SolarWinds, Kaseya and Log4j era, cybersecurity leaders are more sensitive than ever to the third-party relationships they have with appliance, service and software vendors. It isn't enough to put your critical suppliers through rigorous testing at onboarding. It's time for continuous monitoring - and accountability. Topics to discuss:

• How to vet those critical suppliers and build in the right contract language for performance levels, breach notification and response; 
• How to monitor your vendors' security posture - and your vendors' vendors; 
• How to determine the protocol when there is an incident and engage your suppliers in incident response and testing.

What role does identity play in your organization? Is it seen as an enabler or a consistent roadblock? An escalating expense and headache or a key asset? Is your innovation “stuck” without a clear path forward? This panel will discuss the emerging fabric trends and why putting identity at the center is the strategic launchpad for successful innovation in a variety of initiatives such as regulatory compliance, Zero Trust Architecture, productivity, customer experience and more.

Cloud infrastructure is extremely complex, with thousands of workloads and data resources, service and human identities, and policies and configurations. With so many moving parts, it’s nearly impossible to clearly see or understand what is going on in your AWS, Azure and GCP environments - let alone control it. Efforts are exacerbated by the rapid pace of development, shortages in cloud expertise, and the number of stakeholders.

Ultimately the most important questions are: Is my data exposed? Who can access it? Only with clear, contextual, actionable risk insight into all identities, configurations and resources can you begin to grasp effective access and the risk to your data. Find out how an identity-first approach to cloud security can help you reduce your cloud attack surface and blast radius - and stay compliant.

View our CyberEdBoard Profiles in Leadership Interviews with Marene Allison, CISO at Johnson & Johnson, Diego Souza, Global CISO at Cummins, Nicole Ford, VP & CISO at Carrier and more.

As the Washington state chief information security officer within the Office of Cybersecurity, Vinod Brahmapuram is at the heart of the state government's digital transformation and efforts to modernize SecOps. In this exclusive conversation, he discusses:

• Improving digital services without compromising security; 
• Adopting the zero trust framework in alignment with the federal government; 
• Addressing the growing talent shortage.

Critical resources need defense in depth beyond validating identity. Certificates provided a method to establish this trust. It is time to remove the calendar reminder for our certificate renewal. Duo’s Device Health Application can verify enrollment into corporate management systems without deploying certificates. Learn how this is done with some common asset management solutions.

There are too many alerts for humans to track and too much analysis needed to even determine in a reasonable time which alerts are meaningful. These are areas where machine learning can play a role in automating incident response functions. But what about when it's time to actually investigate an incident? At that point, what role do automated tools play, and what role needs to remain distinctly human?

In this panel, two cybersecurity leader share their experiences and insights on:

• The role of ML/AI to define the threat landscape;
• Efficiencies gained from automation;
• Where human judgment is needed most.

Breaches happen, and 2021 was a record-breaking year for them. According to Identity Theft Resource Center research, there were 1,291 breaches publicly reported in 2021 as of September 2021 compared to 1,108 breaches in 2020; that’s a 17% year-over-year increase. Meanwhile, millions are spent on security operations centers that aren’t stopping the breaches from happening. Join us for a discussion of: 

• Why SOC and security teams are way too limited by legacy SIEM; 
• How machine learning-driven analytics and automation technologies provide unmatched threat detection, investigation and response capabilities so security teams can respond more quickly and accurately to seize the breach and mitigate damage; 
• A simple maturity model based on outcomes and use cases that can vastly improve security operations.

Enhance your Summit experience by visiting the Sponsors’ Interactive Booths. Chat with Representatives at each Booth, access valuable resources, schedule a demo and more!

Stop by the Expo Hall.

How do you turn today’s threats into tomorrow’s advantage? Does your organization have proper tools that will learn and adapt to incoming and disruptive active threats? This is the promise of eXtended Detection and Response, or XDR. XDR enables detection, response and adaptive prevention, simultaneously. Ecosystems today need to be built to disrupt active threats and to be woven into your day-to-day operations. Join us in our discussion focused on security outcomes within your organizations.

Zero Trust is one of the most talked-about themes in cybersecurity. While the term means different things to different people, we can all agree on two things: It’s a journey worth taking, and microsegmentation is a key pillar of that journey. The next question always is: How do you get started?

Regardless of the sophistication of ransomware, the end goal is always the same: Get in through a vulnerability and move laterally through your network. Join this presentation as we help peel back the layers to provide you with simple steps to protect yourself from these threats, including how to:

• Gain visibility to where you are the most vulnerable; 
• Close risky ports; 
• Leverage tools you already have in place without adding layers of complexity. 

While the journey can seem intimidating, we’ll help you realize that it doesn’t take a team of 100 or a doctoral degree to deploy zero trust microsegmentation that will protect your organization and keep ransomware at bay.

Digital payments and digital transformation have much in common. Both have undergone revolutionary changes in condensed periods, and both have indelibly changed their respective landscapes.

In this session, Samant Nagpal of digital payments provider Square discusses the evolution of fraud schemes in his space, as well as the impact of emerging authentication technologies and the challenges of Square's global expansion.

Governments and industries in the private sector are ever interested in using biometrics for automatically identify or authenticate people. Biometrics definitely appear like the “golden key” of security – it’s much harder to spoof an iris scan or fingerprint than a password! However, collection of biometric data also comes with its share of unique risks.
Come to this session to learn how Alaska Airlines has embraced the use of biometrics to streamline and improve the guest experience without compromising guest privacy and security of their data.  

All content from Day 1 will be available on demand from 9 AM - 5 PM PST on Day 2, Wednesday, February 23rd. Don’t miss the chance to log-in and consume any content you may not have had the chance to see at your own convenience.