National Virtual Security, Risk & Compliance Summit
February 24, 2022
National Virtual Security, Risk & Compliance Summit
Anyone can log in from anywhere. All you need is WiFi.
The Assembly will feature members from...
Agenda
* All Times In EST
12:00pm-12:05pm
Opening Remarks
12:05pm-12:50pm
Keynote Panel: “The Nexus of Identity, Security and Zero Trust – Lessons Learned and the Path Forward”
 |
Ping Identity |
2U |
Ncontracts |
|
| Patrick McBride CMO |
Aubrey Turner Executive Advisor |
Andres Andreu SVP, Cybersecurity (CISO) |
Jon Bowker CISO |
read more »
Given the overwhelming impact of ransomware and other significant breaches, achieving Zero Trust must be a critical path element for every organization’s cybersecurity infrastructure. One of the key challenges will be to implement additional preventative measures, rather than just bolstering existing detection and response capabilities.
The panel will discuss the overlap between identity, cybersecurity and Zero Trust – the path forward, key lessons learned, and things that still need to be sorted out as organizations move forward.
- What does Zero Trust mean to Identity and Cyber professionals?
- How will the identity/cyber tech stacks change and what will be some of the most important architectural implications and trends?
- What additional preventative measures will be needed?
- How will this impact traditional approaches to MFA, VPN, and MDM?
« show less
12:55pm-1:10pm
Keynote Fireside Chat: “Managing security posture risk against today’s technology inventory dilemma”
 |
||||
| Arthur Lozinski Co-Founder and CEO |
read more »
Multi-cloud, hybrid working, SaaS, and shadow application growth are exacerbating attack surface risks. The sheer volume, distribution, and dynamics of modern technology portfolios has outpaced the conventional means for organizations to effectively govern inventory, hygiene, and data protection – foundational to security and compliance. In this session, Arthur Lozinski, CEO of Oomnitza, will examine the underlying challenges and explore the key tenets, capabilities, and applications of Enterprise Technology Management (ETM).
In this informative fireside chat, attendees will learn:
- How a siloed tools approach leads to worse data hygiene for technology management
- Achieve visibility by leveraging the existing system management tools in your portfolio
- Learn how quality data can lead to workflow automation for security, compliance, audit, finance and experience
« show less
1:15pm-1:30pm
Disrupter Presenter: “Integrating Risk Insights: A Multi-Dimensional Risk Perspective”
 |
||||
| Scott Chandler Strategic GRC Specialist – GRCP | CIPP/E | ITIL |
read more »
Make the most out of your data to manage and mitigate risk across the business. As risks become increasingly interconnected, it’s essential to work from a single source of truth. Businesses’ digital transformation continues to accelerate, the chances for identified and unknown risks to fall into business blind spots increase as well. By Leveraging an integrated risk management platform, your business can gain insights into and coordinate across business functions to treat the source rather than the symptom of risk exposure. This session will discuss how organizations can craft a tailored experience for teams and their specialized needs across privacy, IT risk, and vendor risk management.
Key Takeaways
- Collect qualitative data across teams to enrich risk insights
- Leverage out-of-the-box automation to streamline persona-based contributions to effective risk management.
- Identify the extent of your risk exposure across internal operations and your extended enterprise
« show less
1:35pm-2:00pm
Fireside Chat: “Security Observability – Are you ready for the next Log4J crisis?”
 |
|
|||
| Dana Gardner Director, Product Evangelist |
Sanjay Nagaraj Co-Founder & CTO |
read more »
When Log4j emerged, many organizations were caught “flying blind”, hoping that they could protect their applications with their traditional perimeter defense. Modern applications are extremely hard to secure because, in the cloud, the apps are no longer behind a firewall, but rather connected to services potentially everywhere. As a result, security at the gate is simply not enough, now we need visibility of what we have, how it is behaving, and how it is being used or abused. We need visibility with the context of the application in order to protect the business from emerging threats like Log4J and others.
In this session you’ll learn:
- How applications have changed and why we need to rethink application security
- How APIs are the key to security in the future
- How application security requires close collaboration across dev, sec, and ops
« show less
2:05pm-2:20pm
Disrupter Presenter: “Achieving Cybersecurity Readiness with MITRE ATT&CK: Elevating Human Performance”
 |
|
|
|
|
| Jonathan Reiber Senior Director for Cybersecurity Strategy and Policy |
read more »
Mounting an effective cyber defense has always been difficult and the pressure on Chief Information Security Officers (CISOs) has increased during the pandemic. Adversaries are ramping up attacks and ransomware has become increasingly commodified. The urgency to treat cybersecurity as a business decision has never been greater.
How can CISOs better prepare their defenses? Adopt a mindset that assumes breach—and then use known attacker tactics, techniques, and procedures from MITRE ATT&CK to validate your defense effectiveness. Compliance alone does not equal real security; to achieve real security readiness, organizations should make decisions on the basis of real-time performance data against threats and evidence of security outcomes.
In this session, we will discuss strategies and solutions to answer several key questions:
- What attacks might happen to us?
- How well is our security program performing in relation to known threats?
- Are we getting the most out of our security investments?
- How to validate your compliance effectiveness while easing your compliance burden.
You will leave the session with a deeper understanding of how organizations measure cybersecurity readiness and human performance, novel insights into the state of geopolitics and cyberspace operations today, and clarity about how to achieve real cybersecurity and compliance readiness.
« show less
2:25pm-2:55pm
Closing Fireside Chat: “Top Trends & Challenges in Security and Risk Management”
 |
Epiq |
|
|
|
| Richard Warner CEO Aware Force |
Ilya Pozharsky Senior Director of Security and Compliance |
* All Times In EST
Media Partners
Got questions? We've got answers!
Why should I attend?
Your time is valuable and we make sure to make the most of it! We take the time to figure out your challenges and customize your experience to meet your needs. Our agendas are tailored to your feedback and we pride ourselves in covering the most cutting-edge content delivered by renowned industry experts. Look forward to building enduring partnerships and together we’ll go straight to the top.
Where is the event taking place?
The event is by invitation-only. The location will be released to all attendees once your registration has been confirmed.
What is the dress code?
We recommend business attire. Most attendees wear suits or comparable attire. Ties are optional.
Can I bring a colleague with me?
Yes! We always urge our members to refer their colleagues! We love adding new members to the community, especially if they come highly recommended by a current member. Either have them reach out to your Apex POC or have them fill out the Member Registration Form.
What if I have dietary restrictions?
No problem! Please let your Apex POC know as soon as possible in order for us to work with the venue on providing alternate options for you at the event.
What if I want to speak at an assembly?
Apex is always looking for speakers that can contribute their valuable insight. If you would like to speak, please contact your Apex POC or fill out the Speaker Registration Form on the Assemblies page. Please keep in mind that we receive many inquiries for speaking and sessions are available on a first come first served basis. But no need to worry, we have plenty of opportunities available at future assemblies.
I plan on being in attendance, but what if something comes up and I have to cancel?
We understand that something may come up on your calendar! Before canceling with us, please know that we will have a separate room for attendees to step out for work-related activities (meetings, emails, conference calls, etc.). If you must cancel, we just ask that you let us know at least 48 hours in advance so that we can open up the waitlist for another member.
In today’s digital landscape Risk Management, Privacy, Compliance & Data Protection has become a top priority among IT executives. Decision makers are focused on reducing uncertainty, minimizing the risk of data breaches, and enforcing controls to prevent vulnerabilities that negatively impact data confidentiality, integrity and the organization as a whole.
Adopting an enterprise wide Risk Management and Compliance strategy is driven by fundamental shifts in internal and external forces that impact the business and how it operates. Disruptive technologies are being introduced to the market faster than ever and executives must have the ability to align and address the enterprise-wide transformation challenges. These changes will ultimately influence strategic planning, business operations and the overall trajectory of the operating model moving forward. With unceasing demands, technology has become more complex and solution providers more difficult to decipher.
Apex Assembly will unite visionary leaders and industry experts for a half day of content and discussion, where we will examine the challenges of 2022 and concentrate on the most pressing issues of the future in the information technology sector.
Through collaboration with our executive community, we have discovered key industry challenges and trends. These topics form the foundation of the Summit and will be addressed through Panels, Disrupter sessions, and Fireside chats.
Hosted using video conferencing technology, our Virtual Summit gives executives and service providers the opportunity to engage with like-minded executives and industry leaders without having to leave their office or home.