CISO Leadership Forum: Risky Business - New Enterprise Normal - Argyle Executive Forum Events

Overview

Kaseya’s ransomware attack and the Colonial Pipeline hack are perfect examples of how the complexity of security risks and cyber threats continues to grow! Smart businesses are reacting to increased internal and external risks by shifting to business-driven cyber strategies.

CISO’s and senior IT executives are re-examining cyber budgets and leveling the cyber playing field with new approaches and transformative solutions.

Attend the CISO Leadership Forum on August 5th to hear how top organizations are building resilience and future-proofing the enterprise. Industry experts will examine the challenges and the most pressing issues of 2021 in the information technology sector.

You will learn key industry challenges, trends and risks associated with:

  • Cloud security
  • Analytics and intelligence
  • Threat hunting
  • Machine Learning, AI and automation
  • Governance and risk management
  • The changing role and latest challenges for CISOs
Join Us at This Event

Speakers

Agenda

 

1100

1200

1300

1400

1500

1600

11 AM - 11:30 AM ET

KEYNOTE PRESENTATION: Proactive Threat Hunting for the New Cyber Normal

An attacker can secretly hide in a network collecting data and obtaining login credentials that will allow further access to your IT framework.

Should they elude detection and launch an attack, many organizations lack the advanced detection skills needed to remove those threats from the network. Threat hunting is one answer to this invasive issue.

Attend this session to learn the latest information on threat hunting for networks, endpoints, and datasets.

You will also learn:

  • Specific techniques companies are using to build scalable threat hunting programs
  • How emerging industry trends affect threat detection
  • Ways companies are uncovering malicious, suspicious, or risky activities that have evaded detection by existing tools
  • How a threat hunt is conducted and the most common attack types

Matthew RussettThreat Hunter & Content EngineerMulti-Billion Dollar Defense Contractor

11:35 AM - 11:50 AM ET

THOUGHT LEADERSHIP: Digital Supply Chain Threats – Vulnerability Mitigation in 3rd Party Applications

“Software is eating the world” is a common refrain describing the oversized influence software has in how we run our businesses. Third party software usage is on the rise, accelerated by WFH initiatives and digital transformation to application development demands.  This has resulted in the challenge for many organizations to uncover and manage the inherent risk that this code introduces.

Vince Arneja, Chief Product Officer at GrammaTech, share his insights into how to uncover and understand the risk of third party software within the software supply chain.

You’ll learn:

  • How to analyze the risk or vulnerabilities that may be introduced if an institution were to deploy COTS products like video conferencing throughout all of the employees’ devices in an organization
  • Why you should extend the FOSS process to scan for non-source code libraries or binaries being brought into applications by your developers
  • Ways to identify vulnerabilities in third party software or purchased libraries while creating a software bill of materials

Vince Arneja Chief Product Officer GrammaTech

11:55 AM - 12:40 PM ET

PANEL DISCUSSION: The Evolving role of the CISO

The role of Chief Information Security Officer (CISO) is evolving. Both managerial and strategic leaders, CISOs are increasingly tasked with molding an innovative, security-minded company culture.

During this panel discussion, senior cybersecurity professionals will weigh in on their most pressing issues, goals, objectives, and priorities, and discuss:

  • How the perceptions and realities of their role are changing
  • How CISOs are better aligning their roles with business goals and objectives
  • The latest challenges CISOs face and how these challenges take them beyond the traditional CISO role
  • What CISO roles will look like in the future

Moderator:

Sajed NaseemChief Information Security OfficerNew Jersey Courts

Panelists:

Melissa BendanaIT Compliance and Third Party Risk ManagementBlue Shield of California

Keith TreshChief Information Security OfficerThe State of Idaho

12:45 PM - 1:15 PM ET

THOUGHT LEADERSHIP: Container Orchestration is here, what does it mean for security?

Configuring applications based on the container in which they will run to keep interactions between containers secure is a best practice. However, with containers and container orchestration technologies like Docker and Kubernetes, there can be a lot of buzzwords that obscure what’s going on from a security standpoint.

Attend this session to learn more about the technical underpinning of how containers operate, and:

  • Some of the common security pitfalls in both Docker and Kubernetes
  • Why they’re essentially Remote Code Execution as a service
  • How to avoid the most common mistakes in deploying and securing containers

Rory McCuneCloud Native Security AdvocateAqua Security

1:15 PM - 1:45 PM ET

Afternoon Break

1:45 PM - 2:15 PM ET

KEYNOTE PRESENTATION: Threat Vector #1 - Email Risk in the Modern Enterprise

Social engineering attacks, impersonation, phishing, email/domain spoofing! Email security alone could be a full-time endeavor for cybersecurity professionals.

As attacks become more frequent, it is essential that cybersecurity teams understand the latest tools, processes and strategies for email security.

Attend this session to learn trends and solutions for email security, and;

  • How to maximize existing security controls, capabilities, and investments for email security
  • What’s new in tactics and strategies for protecting email servers
  • The age old ‘Zero Trust’ question and email access
  • How companies are using cyber AI to reduce email vulnerabilities

Sujeet BambawaleChief Information Security Officer7-Eleven

2:20 PM - 3:05 PM ET

PANEL DISCUSSION: Windy with a Chance of Breach - The NOW of Cloud Security

The deluge of cyber-attacks (Solarwinds, Colonial Pipeline, etc.) earlier this year forced the US Cybersecurity and Infrastructure Security Agency (CISA) to come up with new methods for securing cloud instances. This rapid advancement of incidents and new federal focus on cloud-related security should give every cybersecurity leader pause.

The powerful technological capabilities and popularity of cloud computing/storage comes with a slew of issues related to managing visibility, access, and risk.

Attend this panel to learn how organizations are improving cloud security, eliminating risky misconfigurations, and:

  • Addressing multi-cloud visibility
  • Managing the multi-tier issues surround cloud access
  • Common types of attacks targeting cloud infrastructure platforms
  • Identifying and addressing cloud threats and vulnerabilities
  • Detecting cloud-related misconfigurations to reduce the overall attack surface

Moderator:

Sajed NaseemChief Information Security OfficerNew Jersey Courts

Panelists:

Partha ChakrabortyAssociate VP, Head of Cloud Security, Innovation, R&DHumana

Micah CziganChief Information Security OfficerGeorgetown University

Sponsors

ADVISORY BOARD

We are proud to share with you the following Argyle Industry Influencers. Their contributions to Argyle help keep the programs we offer our membership current and relevant, so we can continue delivering you premiere experiences, content development, and membership engagement.

Innovative IT leader with 20+ years of experience in risk management, security, compliance, third-party risk management, business analysis, and planning. Adept at driving business solutions, improving organizational processes and leveraging technology to better achieve business goals.


Tolgay Kizilelma is a business IT leader with almost three decades of experience covering the whole IT spectrum. He started his professional career in 1992 developing CASE ERP tools for System Software Associates (SSA, later acquired by Infor Global). After working briefly for the University of California, Berkeley as a business systems analyst, Tolgay transitioned to private sector leading and managing IT initiatives for a Distribution and Supply Chain Company, Shields Harper & Co. After almost two decades in private sector, Tolgay returned to UC and worked for UC Agriculture and Natural Resources (UC ANR) leading statewide infrastructure projects to extend broadband to UC researchers in rural communities by connecting UC ANR sites to the California Research and Education Network (CalREN). UC ANR has been awarded the CENIC 2018 Innovations in Networking Award for Broadband Applications due to these projects. At UC ANR, he also led and managed the service desk, network, infrastructure/systems, and information security teams covering the whole state.


He is currently leading cybersecurity efforts as the Chief Information Security Officer at UC Merced. He is an advocate of lifelong learning and teaches graduate business analytics courses at Saint Mary’s College of California. His current research interests are cybersecurity, digital transformation, business analytics, and educational IT programs. He has various industry certifications, a BS degree in computer engineering, an MBA, and PhD focusing on information security, quality, and patient safety.


Dr. Sasi Pillay serves as the Vice President and Chief Information Officer (CIO) at Washington State University (WSU). In this role he oversees the computing infrastructure of foundational technologies and research computing, working in collaboration with his constituents. He is also responsible for telecommunications, local area and wide area networking and IT Security. He led the development of roadmaps for Academic and Research Computing, Administrative and Business Computing and for Foundational Technologies. He has improved the service delivery of the ITS organization, by instituting change management, architectural review and project management. In addition, his team is involved in improving IT Security across all of WSU campuses and in deploying a Security Operations Center and a Network Operations Center.


Previously, he served as the Associate Vice President and Chief Information Officer of the University of Wisconsin System, comprising 26 campuses. In this role, he was responsible for the leadership and guidance of a broad portfolio of enterprise technology operations including broadband networking, major academic and business applications, library automation and adoption of strategic new technologies that added value to the University of Wisconsin System for instruction, research, learning and public service. He led the creation of a Strategic Intent Document working closely with the Campus CIOs, initiated a working group to recommend and create a Unified Communication and Collaboration framework and worked on improving IT Security with the help of Campus IT professionals. He also initiated the formation of a system wide Data Governance Council and an Innovation Fund to help introduce and infuse new ideas into the system.


Dr. Pillay served as the Chief Technology Officer for Information Technology (IT) at National Aeronautical and Space Administration (NASA). In this capacity, he directed how promising technologies are developed, evaluated and integrated into mainstream IT services at the Agency. To facilitate innovation, he set up two programs, Open Innovation and IT Labs. These programs have been heralded as a model in government and have received several national awards. He was also responsible for managing Enterprise Architecture, Open Government activities and the dissemination of Scientific and Technical Information for the Agency. Previously, he served as the Chief Information Officer at the NASA John H. Glenn Research Center for 15 years. In this regard, Dr. Pillay had a broad scope of responsibility including managing administrative telecommunications, networking, desktop computing, several key administrative applications, computer modeling and simulation, and high-end computing and visualization. Under his leadership, NASA Glenn served as the lead for NASA for the development of Agency-wide standards and architecture for end user devices and systems with a focus on security, interoperability, and collaboration. He was also responsible for NASA Glenn saving nearly $8 million annually through standardization, consolidation and outsourcing of end user devices and services while improving customer satisfaction and other service metrics. These savings continue to accrue over the years. He also implemented and promoted a collaboration environment resulting in improved productivity and reduced expenses across multiple disciplines comprised of over 200 workgroups.


Dr. Pillay is the recipient of NASA’s Exceptional Service Medal and the Outstanding Leadership Medal. He is also the recipient of the Presidential Rank Award recognizing him as a Meritorious Executive in the U.S. federal government. He was recognized as one of the Federal 100 winners based on his positive impact on NASA and the community. He was also named as one of the top 25 IT leaders in Government citing his technology vision, clout among peers in other agencies, and for the ability to show concrete results. He was recognized as the CIO of the Year by the North East Ohio Software Association in 2008.


Dr. Pillay received his B.S. in Mechanical Engineering from Pennsylvania State University and his M.S. and Ph.D. degrees in Computer Engineering from Case Western Reserve University. He also has a Master’s degree in Management of Technology from the Sloan School of Management at the Massachusetts Institute of Technology.