ISSA-LA CISO Forum
Keynotes and Sessions
Digital Transformation – Cloud as Cybersecurity Risk Reduction
Public cloud adoption can serve as the center point for digital transformation efforts. As organizations grapple with increasing challenges from adversaries and a call for increased transformation efforts, to include an improved cybersecurity posture, the drivers to consider a heavy investment in the adoption of cloud become increasingly compelling. This session will examine best practices and provide counters to typical blocking efforts preventing cloud adoption.
What could be more exciting in Cyber Security than Zero Trust?
The discussion will take participants into the world of Zero Trust full of excitement along with perils and conundrums. There is no shortage of vendors trying to sell Zero Trust. Can we really buy Zero Trust? Is there more to the story? The path to Zero Trust is a lot more complex than just buying a product. Join the discussion to unravel the mystery of Zero Trust!
Did Mudge Do the Right Thing?
Recent events have brought professional ethics into the spotlight for cybersecurity leadership. They also highlight a significant contributor to distress and mental health issues among cybersecurity practitioners – moral injury. Moral injury occurs in one of three ways: acts of omission, acts of commission, or acts of betrayal from someone in a higher position of authority. It affects frontline health care providers, military personnel, and teachers among others. Today we’ll focus on the phenomenon of moral injury in cybersecurity leadership – the reality of having to navigate between a growing threat landscape and business leaders’ reluctance to address risks in the way the cyber team feels is appropriate. We have a number of case studies: SolarWinds, T-Mobile, Equifax, and Twitter. We’ll examine the equations involved in determining a path forward – whether it be whistleblower, resignation, being a team player or some combination of the two and tee up the discussion, “Did Mudge Do the Right Thing?”
Truth or Dare – Cyber Insurance Misunderstandings
What is and is not included in policies, what needs to be monetized beyond records, and why am I having to pay a premium for someone else’s failures – where is my safe driver discount?
Security Strategy on Technology – Technology Transformation, Innovation, Adoption and Governance
The evolution of technology and the availability of abundant technology options have given businesses and consumers more options for smart decisions, better usage of resources, ease of communication and interaction, moving faster with more offerings and choices, and flexibility. Many companies have embraced technology transformation in cloud, data lake, mobile, AI, machine learning, IoT, robust APIs, and 3rd party services. Business leaders will continue to demand that the business move faster, cheaper and smarter. However, transformation brings risks from unforeseen channels and more exposure points from a security point of view. Join us as we discuss topics and share strategy, ideas, challenges and lessons learned from other security leaders.
- What Is Your Company’s Strategy on Technology Transformation, Innovation, Adoption, and Implementation?
- What is your security program’s role in technology decisions?
- Do you have adequate security resources, tools and expertise to manage technology decisions and security reviews?
- Examples: public cloud and security tools in cloud, IoT testing, vulnerability management, SaaS, mobile apps and devices, data lakes and scanning of data, registration of all technology, 3rd party technology in use, onboarding new technology, 3rd party APIs, SSO and MFA enablement, rogue SaaS usage, etc.
- What are your current challenges and pain points related to technology transformation and adoption?
- What are your viewpoints on the ideal technology maturity stage in your company and how security should partner during the technology transformation phases?
- What are your top security concerns related to technology?
Hear a thought-provoking discussion about important areas that we are all concerned about, and the challenges associated with them. Our panel will share their experiences and be ready to field your questions.
Show Me the Value: 3 Questions to Ask Your Vendors
In the land of shiny toys, gimmicky features, and marketing buzzwords – value is king. The question of value is subjective, and every vendor will tell you that they deliver value. But do they? This talk will provide a 3-dimensional value evaluation for vendors and service providers, and give an example of how to utilize the method to separate true value from empty promises.
Global Insider Threats and Disinformation: State Actors, Hucksters and Other Malicious Influences
- Insider threats created by the ‘work from anywhere’ trend;
- Coordinated efforts by state actors targeting employees and infiltrating firms;
- Disinformation promulgated by state actors, for-profit hucksters and agents of chaos; and
- The role of CISOs in confronting these threats
Planning works. Plans usually don’t. Poise Under Pressure
An organization’s competitive strength is predicated on one thing: the strength of its bench. Strategic planning now places cyber security in the Top 3, from garage-band startups to the Fortune 100. Sustainability includes tech security, and the team to support it. From man-made to natural threats, leaders leave nothing to chance.
In this session, you’ll learn actionable tips & techniques to strengthen your organization’s infrastructure and bench of talent. Confidence, capability, capacity, competitiveness, through readiness and sustainability.