CISO National Virtual Summit
October 14, 2021
CISO National Virtual Summit
Anyone can log in from anywhere. All you need is WiFi.
The Assembly will feature members from...
Agenda
* All Times In EST
12:00pm-12:05pm
Opening Remarks
12:05pm-12:40pm
Keynote Panel: “Key Insights to Prevent Never-Before-Seen Cyber Attacks“
Fortalice Solutions |
||||
Mike Britton CISO |
Theresa Payton President and CEO |
read more »
Traditional cybersecurity infrastructure can’t stop new and emerging threats, particularly in the email channel, and cybercriminals are constantly changing their methods to stay one step ahead. Your employees are continuously being targeted, and you must protect them from these attacks—often ones that have never been seen before. Fortunately, there are insights you can use to protect your company and your employees.
Theresa Payton, first female White House CIO and leading cybersecurity expert, and Mike Britton, CISO at Abnormal Security, will discuss:
- How and why cybercriminals change their methods to create new, never-before-seen threats
- What tactics can be used to to block emerging threats before they reach your employees
- What you can do today to protect your organization from new, high-risk threats
« show less
12:45pm-1:10pm
Keynote Presenter: “Enforcement Boundaries: One Small Step for Segmentation, One Giant Step Against Ransomware“
Christer Swartz Principal Technical Marketing Engineer |
read more »
« show less
1:15pm-1:40pm
Fireside Chat: “Securing the software supply-chain: lessons and trends in autonomous, zero-trust runtime security.”
|
|
|
||
John Matthew Holt Founder and CTO |
read more »
Modern enterprise applications are no longer the single-vendor, monolithic software packages of a generation ago. Today’s modern enterprise application is a thin layer of business logic code sitting on top of a complex web of third-party platforms, frameworks and libraries so that for every 1 line of business logic code that you write, there are 10 lines of invisible third-party code executing inside your application stack that you didn’t write and have no security control over.
New approaches to securing the software supply chain are emerging which go inside the application at runtime to secure the invisible code and memory that comes from outside of your developers and outside of your security control. During this session we will discuss the vulnerability and compliance trends that are driving the rise of autonomous, zero-trust runtime security solutions for third-party code components and the various forms that such solutions take. We will conclude with a look to the future convergence of these runtime security solutions with other runtime, in-app products widely deployed today.
Key Takeaways:
- The security of today’s enterprise applications is overwhelmed by large quantities of third-party code that comes from outside your organization and outside of your security control
- Until recently the principal (and often-times, only) solution for securing third-party code has been continuous SCA with manual software upgrades that require considerably developer effort, testing and cost
- In spite of the widespread adoption of SCA tools in the last several years, vulnerable and/or outdated third-party components has risen from 9th to 6th position in the most recent OWASP Top 10 2021 draft rankings with OWASP warning that this rise reflects the ongoing struggle to test and secure the software supply-chain
- New runtime security solutions are emerging which use live access to an application’s executing code and memory to provide autonomous security without manual developer effort or tuning
- Autonomous runtime security solutions are an important new tool in the fight to secure the software supply-chain of modern enterprise applications
- Runtime application security, runtime container security and APM tools will converge over time as customers look to consolidate the number of runtime products used with their applications
« show less
1:45pm-2:25pm
CXO Panel: “The Future of Strong Authentication“
Coats |
Edward-Elmhurst Health |
|||
Patrick McBride Chief Marketing Officer |
Dr. Jasson Casey Chief Technology Officer |
Benjamin Corll CISO |
Shefali Mookencherry CISO |
read more »
Authentication is a foundational element of every cybersecurity program. With more than 80% of data breaches and a large portion of ransomware incidents stemming from credential-based attacks (e.g., phishing, credential stuffing, RDP brute forcing, etc.), it has become clear that passwords are a fatally flawed authentication method. How does MFA, device trust, and Zero Trust fit into a strategy for strong authentication?
Discussion topics include:
- How has the increased need for distributed work changed requirements?
- How has traditional MFA been working, and how to address its vulnerabilities?
- Can we gain risk-reduction improvements by converging the traditionally disparate identity and security processes and technologies?
- What is device risk, and why is the real-time assessment of endpoint security important?
- What role do you think credential theft plays?
- What additional steps can we take to advance a Zero Trust strategy?
« show less
2:30pm-2:45pm
Disrupter Presenter: “How to successfully integrate security into your DevOps“
Cindy Blake Senior Security Evangelist |
read more »
« show less
2:50pm-3:35pm
Closing CXO Panel: “Cybersecurity 2022: The Top Challenges CISOs Should Prepare for Now“
Sinclair Broadcast Group |
||||
Jake Olcott VP, Communications & Government Affairs |
John McClure CISO |
read more »
2022 is shaping up to be a critical year for CISOs and their security programs. From new regulations to increased oversight to supply chain risk management to incident response, CISOs will have their hands full. How should CISOs address these major challenges? What should they prioritize within their security programs? What steps should they take now?
Join Jake Olcott, VP of Government Affairs at BitSight to understand what’s coming in 2022 and how to best prepare. Topics to be discussed include:
- New regulatory requirements
- Board oversight and reporting
- Cyber risk quantification
- Supply chain risk management
- Incident response preparedness
« show less
* All Times In EST
Media Partners
Got questions? We've got answers!
Why should I attend?
Your time is valuable and we make sure to make the most of it! We take the time to figure out your challenges and customize your experience to meet your needs. Our agendas are tailored to your feedback and we pride ourselves in covering the most cutting-edge content delivered by renowned industry experts. Look forward to building enduring partnerships and together we’ll go straight to the top.
Where is the event taking place?
The event is by invitation-only. The location will be released to all attendees once your registration has been confirmed.
What is the dress code?
We recommend business attire. Most attendees wear suits or comparable attire. Ties are optional.
Can I bring a colleague with me?
Yes! We always urge our members to refer their colleagues! We love adding new members to the community, especially if they come highly recommended by a current member. Either have them reach out to your Apex POC or have them fill out the Member Registration Form.
What if I have dietary restrictions?
No problem! Please let your Apex POC know as soon as possible in order for us to work with the venue on providing alternate options for you at the event.
What if I want to speak at an assembly?
Apex is always looking for speakers that can contribute their valuable insight. If you would like to speak, please contact your Apex POC or fill out the Speaker Registration Form on the Assemblies page. Please keep in mind that we receive many inquiries for speaking and sessions are available on a first come first served basis. But no need to worry, we have plenty of opportunities available at future assemblies.
I plan on being in attendance, but what if something comes up and I have to cancel?
We understand that something may come up on your calendar! Before canceling with us, please know that we will have a separate room for attendees to step out for work-related activities (meetings, emails, conference calls, etc.). If you must cancel, we just ask that you let us know at least 48 hours in advance so that we can open up the waitlist for another member.
With an alarming number of breaches, it is clear that the attack surface has greatly expanded. As enterprises work to develop a progressive strategy, there is an increasing need to deploy and manage a variety of advanced internal and external security services. This leaves the Chief Information Security Officer faced with a multitude of challenges to maintain and run a secure enterprise.
The CISO is at the center of the security dialogue and is ultimately responsible for the guidance and leadership of an increasingly intricate technology landscape. Given the weight of that responsibility, the search for the most transformative solutions that enable them to protect the enterprise is constant and the need to stay ahead of the curve, a must.
Apex Assembly will unite visionary leaders and industry experts for a half day of content and discussion, where we will examine the challenges of 2021 and concentrate on the most pressing issues of 2022 in the information technology sector.
Through collaboration with our executive community, we have discovered key industry challenges and trends. These topics form the foundation of the Summit and will be addressed through Panels, Disrupter sessions, and Fireside chats.
Hosted using video conferencing technology, our Virtual Summit gives executives and service providers the opportunity to engage with like-minded executives and industry leaders without having to leave their office or home.