Strengthening Cyber Defense in an Uncertain Threat Landscape

What kinds of vulnerabilities does the hybrid workforce present? CISOs across the country are tasked with securing the decentralized force amid a constantly evolving threat landscape.

How can leaders collaborate to create a stable security architecture that is suited for the remote workplace?

Attend this session to learn:

• Best practices for hardening technology to keep networks secure
• How to manage various security scenarios for employees that work onshore and offshore
• How to craft a communication plan with employees to stay accountable for risk and effectively manage sensitive information

Raj Badhwar

SVP, Global Chief Information Security Officer

Voya Financial

Today’s security framework is complicated. For most large-scale organizations, data is stored using variety of different mediums on and off-prem. The physical office used to be the security “mecca” to ensure that devices and data remained secure, but the unpredictability and boundary-less landscape of the remote workplace has forced security professionals to explore other angles.

How can cyber security professionals ramp up their defense strategies to increase response to breach and reduce impact?

Attend this session to:

• Analyze the ways that your insider threat defense plan needs to evolve in the remote and hybrid workplace
• Discover how strategies like Zero Trust and SASE can change the way that organizations monitor and deal with security attacks
• Observe how you can strategize to respond to internal threats more efficiently

Moderator:

Aaron Baillio

Chief Information Security Officer

University of Oklahoma

Panelists:

Morgan Reece

System Director Security Architecture

Baylor Scott & White Health

Joel Caminer

Director of Cyber Security Education

New York University

Patrick Benoit

VP, Global Cyber Governance, Risk, & Compliance (GRC) / Business Information Security Officer (BISO)

CBRE

“Software is eating the world” is a common refrain describing the oversized influence software has in how we run our businesses. Third party software usage is on the rise, accelerated by WFH initiatives and digital transformation to application development demands.  This has resulted in the challenge for many organizations to uncover and manage the inherent risk that this code introduces.

Vince Arneja, Chief Product Officer at GrammaTech, share his insights into how to uncover and understand the risk of third party software within the software supply chain.

You’ll Learn:

• How to analyze the risk or vulnerabilities that may be introduced if an institution were to deploy COTS products like video conferencing throughout all of the employees’ devices in an organization
• Why you should extend the FOSS process to scan for non-source code libraries or binaries being brought into applications by your developers
• Ways to identify vulnerabilities in third party software or purchased libraries while creating a software bill of materials

Vince Arneja

Chief Product Officer

GrammaTech

Organizations across the globe have rushed to move workloads onto the cloud to enable employees to better manage enterprise data in the remote world. The migration to the cloud presents additional security measures that are often beyond CISO control.

How can executives take a step back to identify where vulnerabilities in the cloud exist, while strategizing to make continuous improvements against strengthening security threats?

Attend this session to learn:

• How to manage risk to secure corporate data stored on SaaS applications
• Best practices to monitor cloud implementation to maintain control of your data
• Address additional authentication measures to incorporate into your cloud security architecture to prevent breach

Moderator:

Matt Connors

Chief Information Security Officer

Southern New Hampshire University

Panelists:

Michael Dennehy

Information Security Architect

Service Corporation International

Johnnie Rogers

Director, Application Security Consulting

Nike

Edwin Covert

Director- Security Testing and Review

Warner Media

Robust protection for critical infrastructure is essential to the wellbeing of any modern organization. In recent years, the list of potential cybersecurity threats has grown to include attacks on essential infrastructure. It is imperative for CISOs to identify and prioritize critical infrastructure in planning and implementing their cyber-defense strategy.

In this timely discussion, Nicholas Andersen, the CISO for Lumen Technologies and a former White House cybersecurity adviser, explains why and how managers should train their security teams to combat critical infrastructure attacks. Drawing from his background in government and in the corporate sector, he will share case insights that illustrate the potentially cascading impacts for companies that fail to properly secure key systems and assets.

What you’ll learn:

• How to prepare your organization for critical infrastructure threats
• What training and resources are needed to build a team that can respond to threats quickly and effectively to minimize the impact
• What relationships are vital to developing a successful defense

Nicholas Andersen

Chief Information Security Officer - Public Sector

Lumen Technologies

AI has a dark side. Bad actors are using artificial intelligence to develop more sophisticated threats such as malicious malware and deep fake technology. Experts predict that offensive AI-driven attacks will only increase over the next few years.

Join Sujeet, Bambawale, Chief Information Security Officer, 7-Eleven, to learn what kind of controls need to be implemented to protect algorithm against algorith.

Attend this session to learn:

• How to use artificial intelligence to identify deep fakes and other malicious behaviors
• The best practices to upskill IT teams to respond to malicious AI to reduce impact
• What the future of offensive AI might endure — how can CISOs prepare for the speed and unpredictability of AI-driven cyberattacks?

Sujeet Bambawale

Chief Information Security Officer

7-Eleven