CISO National Virtual Summit
March 23, 2021
CISO National Virtual Summit
Anyone can log in from anywhere. All you need is WiFi.
The Assembly will feature members from...

























Agenda
* All Times In EST
12:00pm-12:05pm
Opening Remarks
12:05pm-12:50pm
Keynote Panel: “State of Security“
Moderated By:
![]() |
||||
Pekin Insurance |
7-Eleven |
Jack Henry & Associates |
Cemex USA |
|
Greg Bee CISO & Chief Risk Officer |
Sujeet Bambawale CISO |
Yonesy Núñez CISO |
Romeo Siquijor CIO |
read more »
The charter of the CISO has always been daunting, made even more so by the challenges brought forth by the COVID pandemic. From budget constraints to competing priorities, business and security leaders need to rethink their ideas around business continuity, expansion/contraction, work-from-home/work-from-office, all while managing exposure and risk. The CISO is entrusted to protect and defend the enterprise internally and externally from continuous threats in a constantly changing landscape, typically with limited resources and unrealistic deadlines, all with the expectation that there are zero vulnerabilities. Given such an impossible reality, “hope” can seem to be the best strategy. It is not. Please meet our panel of CISOs that will share their experiences in how they navigate these challenges, and plan for success rather than hope for it! You will learn from them:
- The unique COVID-related cybersecurity challenges presented in 2020;
- The balance between playing “offense vs. defense” in today’s environment;
- The benefits and difficulties with outsourcing vs. insourcing cybersecurity solutions;
- Emerging threats.
« show less
12:55pm-1:20pm
Keynote Presenter: “”
![]() |
||||
read more »
Abstract: Zero Trust is suddenly THE cyber strategy that everyone is talking about. From the recent Forrester Zero Trust Wave to every security vendor’s website, the words “Zero Trust” are popping up just about everywhere. Despite the attention, Zero Trust is still a strategy for most, with little reality to show for it. In this session, Illumio’s Chief Evangelist Nathanael Iversen will discuss Zero Trust and <maybe offer some directions/steps/something> to make it a reality.
- Real-world examples of effective Zero Trust strategies
- Best practices for successful implementation
- How to take an end-to-end approach to Zero Trust
« show less
1:25pm-1:50pm
CXO FireSide: “ Rise of Next-Gen Software Supply Chain Attacks “
![]() |
Mondelēz International |
|||
Ax Sharma Senior Security Researcher, Sonatype |
Paolo Vallotti Global CISO |
read more »
Legacy software supply chain “exploits”, such as Struts incident at Equifax, prey on publicly disclosed open source vulnerabilities that are left unpatched in the wild. Conversely, next-generation software supply chain “attacks” are far more sinister because bad actors are no longer waiting for public vulnerability disclosures. Instead, they are actively injecting malicious code into open source projects that feed the global supply chain.
Join this session ith Ax Sharma, Senior Security Researcher, Sonatype to:
- Understand software supply chain attacks and their impact on the open-source ecosystem
- Deep dive into prominent real-world examples of dependency confusion, typosquatting and brandjacking malware
- Learn how your organization can proactively protect itself against software supply chain attacks
« show less
1:55pm-2:25pm
Thought Leadership: “Digital (IT) Governance Is Broken!”
![]() |
||||
Levi Gundert Senior Vice President of Global Intelligence and Customer Success |
read more »
As cyber-attacks increase in complexity, frequency, and velocity, in our experience, many enterprise organizations are reliant on outdated IT governance. The organizational paradigm is limited by slow-moving bureaucracy and scarce resources. This situation is often the result of a limited understanding of the risks on the part of decision-makers, like board executives who rely on outdated corporate governance frameworks that were developed in response to accounting scandals – e.g., WorldCom, Enron, Tyco, etc. – not cyber risks.
Enterprise executives continue to propagate a compliance check-box mindset that values minimal security control investment to meet audit standards. The focus on audit/compliance misses the costs that may extend beyond regulatory penalties into financial losses that are not always small enough to recover from without significant repercussions.
In this session, we draw from consulting experience, candid conversations with security leaders, and empirical research to define the current issues plaguing enterprise cyber governance, while offering specific remedies for organizational leaders striving for an effective governance model that moves beyond audit compliance to iterative and measurable risk reduction.
« show less
2:25pm-2:45pm
Executive Vision Presenter: “Anyone is a target for a Nation-State Attack, Even You“
![]() |
||||
Ran Shahor Brigadier General (Ret.) CEO & Founder, HolistiCyber |
read more »
Any and every one is a target for nation-state grade cyber attacks, especially during and after a global crisis. As we saw in recent large-scale breaches like FireEye and SolarWinds, these attacks can be hugely newsworthy and detrimental. There has been a shift in focus which allows cyber-attacks to grow and intensify, and a large portion of them are nation-state grade. The private sector, all verticals and industries, have always been a target for these, and the events in 2020 only worsened it.
These highly advanced mechanisms of cyber assault are continuously evolving and readily available for sale on the darknet, enabling hackers and new players to become extremely powerful attackers. The question arises – How can organizations protect themselves in today’s crisis cyber reality? And what happens the day after? Fortunately, there are answers and solutions.
In his presentation, Ran Shahor, IDF Brigadier General (Ret.) will discuss the challenges organizations face, the solutions, the holistic approach and the secret sauce needed in order to be protected and stay ahead of the curve.
« show less
2:50pm-3:30pm
CXO Panel: “Calculating the ROI on your security service provider“
![]() |
||||
Mike Rutledge Strategic Business Manager, F-Secure Countercept |
read more »
Working with outsourced security partners can sometimes feel like paying for an expensive black box. What are they really achieving for you and how do they do it? Understanding how, or perhaps even if, your security partner contributes to the ROI on your overall security plan is paramount and can start to reveal where improvements could be made. In this panel discussion, we will hear from peers working within information security how they tackle this challenge and what a good outsourced security partner looks like to them.
Key takeaway bullets:
- An understanding of how your peers see value in their service providers
- A range of options in methodology for calculating security ROI
- An understanding of what good looks like in an outsourced security partner
« show less
3:35pm-4:00pm
CXO FireSide: “Assume Breach and Stop Attacker Movement“
![]() |
Castleton Commodities International |
|||
Wade Lance Field CTO, Illusive |
Nikolai Zlatarev CISO |
read more »
Human-operated attacks, including nation-state espionage and targeted ransomware, are on the rise against large enterprises in every industry. These are highly-targeted strains designed to evade security controls, reach critical assets and either steal information or surgically extort large sums of money. Despite significant investments, It’s still difficult for any given enterprise to be certain that attackers can’t bypass their security tools, move inside the environment and manipulate or encrypt data. During this presentation, we will examine how to stop sophisticated attackers by choking off their ability to move laterally and encrypt thousands of devices at scale.
« show less
4:05pm-4:45pm
Closing Keynote Panel: “Protecting your data – no matter what happens next“
Moderated By:
![]() |
||||
John Grimm Vice President of Strategy and Business Development |
TracFone Wireless |
Elanco |
Bright Horizons |
MassMutual |
|
Igor Spektor CISO |
Murtaza Nisar CISO |
Javed Ikbal CISO |
Anne Coulombe Head of Data Protection & Data Protection Officer |
read more »
The use of encryption to protect sensitive data has become much more pervasive, with the average enterprise now using more than 8 different products that perform encryption. Protecting and managing the secret keys used to perform encryption and decryption is the linchpin of a data protection strategy, but many organizations struggle to do it consistently and effectively.
This session and discussion will explore:
- The challenges created by digital transformation, mobility, and other initiatives that create new destinations for sensitive data
- The evolving threat landscape and the role encryption plays – both good and bad
- Best practices for managing encryption and the security of keys in complex multi-cloud and enterprise environments, particularly as new technologies are introduced.
« show less
* All Times In EST
Media Partners
Got questions? We've got answers!
Why should I attend?
Your time is valuable and we make sure to make the most of it! We take the time to figure out your challenges and customize your experience to meet your needs. Our agendas are tailored to your feedback and we pride ourselves in covering the most cutting-edge content delivered by renowned industry experts. Look forward to building enduring partnerships and together we’ll go straight to the top.
Where is the event taking place?
The event is by invitation-only. The location will be released to all attendees once your registration has been confirmed.
What is the dress code?
We recommend business attire. Most attendees wear suits or comparable attire. Ties are optional.
Can I bring a colleague with me?
Yes! We always urge our members to refer their colleagues! We love adding new members to the community, especially if they come highly recommended by a current member. Either have them reach out to your Apex POC or have them fill out the Member Registration Form.
What if I have dietary restrictions?
No problem! Please let your Apex POC know as soon as possible in order for us to work with the venue on providing alternate options for you at the event.
What if I want to speak at an assembly?
Apex is always looking for speakers that can contribute their valuable insight. If you would like to speak, please contact your Apex POC or fill out the Speaker Registration Form on the Assemblies page. Please keep in mind that we receive many inquiries for speaking and sessions are available on a first come first served basis. But no need to worry, we have plenty of opportunities available at future assemblies.
I plan on being in attendance, but what if something comes up and I have to cancel?
We understand that something may come up on your calendar! Before canceling with us, please know that we will have a separate room for attendees to step out for work-related activities (meetings, emails, conference calls, etc.). If you must cancel, we just ask that you let us know at least 48 hours in advance so that we can open up the waitlist for another member.
With an alarming number of breaches, it is clear that the attack surface has greatly expanded. As enterprises work to develop a progressive strategy, there is an increasing need to deploy and manage a variety of advanced internal and external security services. This leaves the Chief Information Security Officer faced with a multitude of challenges to maintain and run a secure enterprise.
The CISO is at the center of the security dialogue and is ultimately responsible for the guidance and leadership of an increasingly intricate technology landscape. Given the weight of that responsibility, the search for the most transformative solutions that enable them to protect the enterprise is constant and the need to stay ahead of the curve, a must.
Apex Assembly will unite visionary leaders and industry experts for a half day of content and discussion, where we will examine the challenges and the most pressing issues of 2021 in the information technology sector.
Through collaboration with our executive community, we have discovered key industry challenges and trends. These topics form the foundation of the Summit and will be addressed through Panels, Disrupter sessions, and Fireside chats.
Hosted using video conferencing technology, our Virtual Summit gives executives and service providers the opportunity to engage with like-minded executives and industry leaders without having to leave their office or home.