Why Attend SecurityWeek's CISO Forum?

Agenda

June 13, 2023 11:00

The New CISO Leadership Mandate

It’s now common for CISOs to be board members or regularly engage in C-level business discussions. To be effective, CISOs must learn to speak “dollars and cents” or the language of strategy and opportunity, transformation, and business risk. Rather than framing issues in terms of cybersecurity, they need to frame discussions in terms of business implications. After all, every cyber risk is a business risk (or opportunity). Join Jeff Margolies, Chief Strategy Officer at Saviynt, as he discusses the new CISO mandate with Jim Routh, Former CSO & CISO MassMutual, American Express, DTCC & Aetna.

Jim Routh
Board Advisor & Former CSO & CISO MassMutual, American Express, DTCC & Aetna

Jeff Margolies
Saviynt, Chief Strategy Officer

June 13, 2023 11:00

Why Cybersecurity Conversations Belong in the Boardroom

As the number of breaches and cyberattacks increases, it is crucial to prioritize security conversations in the boardroom. It’s no longer enough for cybersecurity to be the sole responsibility of CISOs. Every executive needs to be aware of the potential risks and take necessary precautions to protect their organization. Learn how to effectively communicate the importance of cybersecurity to the board and ensure your company takes cybersecurity concerns seriously in order to prevent financial losses and reputational damage. You’ll learn how to:

  • Tailor the cybersecurity message for your board
  • Advocate for the balance of security-specific risks against other business risks
  • Better inform your board on cybersecurity best practices and compliance 

Tim Chase
Lacework, Field CISO

June 13, 2023 11:30

Stay Ahead of Bad Actors and Securely Accelerate your Cloud Transformation

Digital business is driving the continued migration of workloads to the cloud at a greater pace than ever. However, the complexity of securing cloud applications and their development and delivery pipelines across multi-cloud environments is causing many organizations to fall behind or inadvertently introduce security weaknesses. Between misconfigurations, overprivileged identities, exposed sensitive data, source code vulnerabilities, and supply chain risks, there are a myriad of considerations that have made cloud security humanly challenging to address. In this session, we will discuss the security best practices at every step in the application lifecycle to help accelerate your cloud transformation, including:

  • The common risks associated with cloud applications
  • How to get a 360° view of cloud security challenges across the code/build/deploy and run lifecycle
  • The typical cloud security journey and security use cases to address at each step 
  • How to harness the power of data, threat intelligence, and AI to detect and prevent cloud threats
  • Ways to foster teamwork between developers, cloud ops, and security teams 

Chandra Sekar
Palo Alto Networks, CMO Prisma Cloud

June 13, 2023 12:15

CISO Chat: How Cybersecurity Companies See Cybersecurity

Abnormal and Noname are both security companies that were created to provide superior cybersecurity protection against the most advanced attacks for their customers.

But how do their security leaders keep their own organizations protected from the huge number of threats targeting them? In this session, two CISOs will discuss:

  • What types of threats are targeting their organizations (and their customers) today
  • Which emerging threats are top of mind and what keeps them awake at night, including ChatGPT-created attacks
  • How they prioritize the never-ending list of tools needed to protect their companies
  • Why they are turning to automation in the midst of the cybersecurity skills shortage

Join us to hear how two leaders from leading cybersecurity startups are protecting their organizations and their employees, now and in the future.

June 13, 2023 12:45

BREAK

Please visit our sponsors in the Exhibit Hall and explore their resources. They're standing by to answer your questions.

June 13, 2023 13:00

Attacker Mindset in the Cloud

Organizations can meet compliance/regulatory responsibilities in the cloud, but still be susceptible to a threat actor escalating privileges, exfiltrating data, or targeting you for ransomware. Threat actors today have become cloud experts. Their TTPs are evolving quicker than most want to believe. Therefore, it's time we start thinking like them and mimicking detection on their attack behavior.

Taylor Bianchi
Uptycs, Senior Offensive Security Researcher

June 13, 2023 13:00

What the #%@& is Software Supply Chain Security

The SolarWinds, CircleCI, and 3CX software supply chain attacks have made Software Supply Chain Security one of the most discussed topics in cybersecurity. But what is Software Supply Chain Security? Depending on who or what vendor you talk to, you will get a completely different answer. In this session, Matt Rose, Field CISO at ReversingLabs, will discuss different approaches to ensuring the security of your software supply chain: what approaches work and what approaches fall short. In order to truly understand software supply chain security, you need to understand what the #%@& software supply chain security is in the first place.

Matt Rose
ReversingLabs, Field CISO

June 13, 2023 13:20

Preventing Breaches with SOC Automation and MITRE ATT&CK

Preventing breaches starts with having the right detections in the SOC — but this is a major challenge when you have 50-100+ security tools sending telemetry to your SIEM from diverse log sources (Windows, Mac/Linux, cloud, email, IAM, etc.). And these complexity challenges are compounded by constant change in both your infrastructure and the global threat landscape. According to data from MITRE ATT&CK, the industry-standard framework for tracking adversary playbooks and behaviors on a global basis, there are now more than 350 adversary groups and 500 adversary techniques used to conduct cyberattacks ranging from ransomware to cyber espionage to attacks on critical infrastructure – and the number is constantly growing. Detection engineering is one of the last remaining SOC functions to still rely on manual ad-hoc processes, tribal knowledge, and specialized experts that are difficult to hire and retain, rather than on automated workflows and documented processes. In this session, we'll look at the MITRE kill-chain for recent high-profile attacks and describe how detection posture management can help you detect them before they have material impact. 

Phil Neray
CardinalOps, VP of Cyber Defense Strategy

June 13, 2023 13:50

BREAK

Please visit our sponsors in the Exhibit Hall and explore their resources. They're standing by to answer your questions.

June 13, 2023 14:00

CISO Panel: Combating Burnout as Cybersecurity Crises Escalate

The cybersecurity industry has experienced a seemingly endless series of high-stakes crises, taking a toll on the mental health and well-being of CISOs and security professionals. This panel will address the pressing issue of burnout, exploring its root causes, potential impacts on individuals and organizations, and practical strategies for prevention and recovery. This collection of security leaders and practitioners will share personal experiences and insights, aiming to foster a supportive dialogue and promote a healthier work-life balance within the industry.

Chris Brown
Former CISO Turned Executive Coach

Lena Smart
MongoDB, Chief Information Security Officer

Michael Piacente
Hitch Partners, Managing Partner

June 13, 2023 14:45

Security Leadership Fireside Chat: Discord CISO Kathy Wang

Former Discord chief security officer Kathy Wang joins Ryan Naraine in this fireside chat to talk about life in the CISO trenches, navigating an economic downturn, CISO tenures and building sustainable security programs, data security principles and exciting technology innovation.

Kathy Wang
Discord, Chief Information Security Officer (CISO)

Ryan Naraine
SecurityWeek, Editor-at-Large

June 13, 2023 15:17

Prisma Cloud: Code Security Demo

See how to get fully-embedded, full-stack code security coverage with Code Security by Prisma Cloud. In this demo, our code security expert covers:

  • Surfacing and remediating misconfigurations and exposed secrets in infrastructure as code (IaC) and Kubernetes manifests
  • Identifying vulnerabilities and license compliance issues in open-source packages and dependencies with software composition analysis (SCA)
  • Visualizing sources of risk within your software supply chain with the Supply Chain Graph
  • Integrating and automating security feedback and code fixes with native developer tool integrations

June 13, 2023 15:38

Abnormal Security Demo

Discover how Abnormal detects and remediates malicious emails, stopping advanced business email compromise attacks with Account Takeover, Abuse Mailbox Automation, Email Productivity, and more.

June 13, 2023 15:50

Eliminate coverage gaps with automation and MITRE ATT&CK

In this 6-minute demo, you’ll see how CardinalOps continuously ensures you have the right detections in your existing SIEM/XDR — based on the APTs, adversary techniques, and security layers that matter most to your organization. What’s more, it drives cost savings and greater efficiencies by recommending new ways to tune noisy and inefficient queries, reduce logging volume, and eliminate underused tools in your stack.

June 13, 2023 15:56

Lacework Demo

Cloud security is fundamentally a data problem. If your current rules-driven cloud security solution can’t scale, then discover how you can automate security and compliance across AWS, Azure, Google Cloud, and private clouds with Lacework. Watch our demo and see how we can help you:

  • Investigate threats 80% faster
  • Consolidate your security tools
  • Eliminate false positives by 95%
  • Reduce critical security alerts to about 1.4 per day

June 13, 2023 16:14

ReversingLabs Software Supply Chain Security | One Complete Platform

Security teams must adapt to new and expansive attack vectors and surfaces, commonly needing to go a step further than SCA tools to be protected from highly targeted, sophisticated supply chain attacks, rather than being protected from just vulnerabilities. ReversingLabs' Software Supply Chain Security platform scans hundreds of file formats to identify embedded threats and integrates with CI/CD, cloud, and ITSM tools to automate testing, enforce policies, and establish security guardrails. It supports continuous, customized, and extensive coverage for third-party software and open source components. See how.

June 13, 2023 16:34

Saviynt Demo

Saviynt Enterprise Identity Cloud Demo

June 13, 2023 16:42

Uptycs: The First Unified CNAPP & XDR Solution

Secure laptop to cloud with one unified solution. Find and remove critical risks in your modern attack surface—cloud, containers, and endpoints—all from a single UI and data model.

June 14, 2023 11:00

Strategies for Protecting the CI Pipeline and Shipping Secure Apps by Default

Protecting the delivery pipeline is at least as important as securing the software that is built. In light of successful cloud breaches that target the engineering ecosystem, it’s not surprising that analysts like Gartner are highlighting the urgent need to develop a framework for protecting the software delivery pipeline. Join Stephen Giguere, developer advocate with Prisma Cloud, as he discusses:

  • How the attack surface has shifted left, outside the purview of traditional AppSec programs
  • Why runtime-centric approaches are the most expensive way to build a CNAPP strategy
  • A simple 3-step framework for securing the engineering ecosystem and shipping code that’s secure by default

Stephen Giguere
Palo Alto Networks, Developer Advocate

June 14, 2023 11:30

[CANCELLED] in-CISO-mnia Panel: What Keeps CISOs on High Alert?

Our popular CISO Insomnia panel returns with a thought-provoking exploration of the pressing issues that keep CISOs and security leaders on high alert. Expect a robust conversation on the current threat landscape, the high-stakes decisions during crises, the priorities and strategies at the forefront of modern cybersecurity, and the future of securing digital assets at scale.

This panel will cover the rising ransomware epidemic, cloud security challenges, ever-growing attack surfaces, software supply chain risks and the changing face of communicating risk internally and externally.

Ryan Naraine
SecurityWeek, Editor-at-Large

Adam Ely
Fidelity Investments, Chief Information Security Officer

Lakshmi Hanspal
Amazon Devices and Services, Global Chief Security Officer

Shaun Marion
McDonald's, Chief Information Security Officer

June 14, 2023 12:15

BREAK

Please visit our sponsors in the Exhibit Hall and explore their resources. They're standing by to answer your questions.

June 14, 2023 12:30

CISOs Propose New Approach to Third Party Risk Management

While cybersecurity leaders understand the importance of managing and mitigating third-party risk, the current state of tooling and resource-intensive questionnaires has created a hamster wheel of work that doesn't make anything more secure.

In this session, two CISOs (Crossbeam's Chris Castaldo and EAB's Brian Markham) will discuss the investments made over the years and the scale of the third-party risk management problem, and propose an entirely new approach to dealing with this critical area of risk.

Chris Castaldo
Crossbeam, Chief Information Security Officer (CISO)

Brian Markham
EAB, Chief Information Security Officer

June 14, 2023 13:15

Panel: Cyber Insurance in the Age of Ransomware

Join this seasoned group of cybersecurity executives for a frank discussion on the changing face of cyber insurance in the age of ransomware and software supply chain attacks. Learn directly from CISOs on mitigations to protect from data-extortion attacks, the dynamic nature of cyber insurance policies and restrictions, and whether generative AI will change the way we look at cyber insurance.

Matt Honea
Forward Networks, Head of Security and Compliance

Evan D. Wolff
Crowell and Moring, Partner

Jason Shockey
Cenlar FSB, Chief Information Security Officer

Jonathan Jaffe
Lemonade, Chief Information Security Officer

[On-Demand] Prisma Cloud: Code Security Demo

See how to get fully-embedded, full-stack code security coverage with Code Security by Prisma Cloud. In this demo, our code security expert covers:

  • Surfacing and remediating misconfigurations and exposed secrets in infrastructure as code (IaC) and Kubernetes manifests
  • Identifying vulnerabilities and license compliance issues in open-source packages and dependencies with software composition analysis (SCA)
  • Visualizing sources of risk within your software supply chain with the Supply Chain Graph
  • Integrating and automating security feedback and code fixes with native developer tool integrations

[On-Demand] Eliminate coverage gaps with automation and MITRE ATT&CK

In this 6-minute demo, you’ll see how CardinalOps continuously ensures you have the right detections in your existing SIEM/XDR — based on the APTs, adversary techniques, and security layers that matter most to your organization. What’s more, it drives cost savings and greater efficiencies by recommending new ways to tune noisy and inefficient queries, reduce logging volume, and eliminate underused tools in your stack.

[On-Demand] Abnormal Security Demo

Discover how Abnormal detects and remediates malicious emails, stopping advanced business email compromise attacks with Account Takeover, Abuse Mailbox Automation, Email Productivity, and more.

[On-Demand] Lacework Demo

Cloud security is fundamentally a data problem. If your current rules-driven cloud security solution can’t scale, then discover how you can automate security and compliance across AWS, Azure, Google Cloud, and private clouds with Lacework. Watch our demo and see how we can help you:

  • Investigate threats 80% faster
  • Consolidate your security tools
  • Eliminate false positives by 95%
  • Reduce critical security alerts to about 1.4 per day

[On-Demand] ReversingLabs Software Supply Chain Security | One Complete Platform

Security teams must adapt to new and expansive attack vectors and surfaces, commonly needing to go a step further than SCA tools to be protected from highly targeted, sophisticated supply chain attacks, rather than being protected from just vulnerabilities. ReversingLabs' Software Supply Chain Security platform scans hundreds of file formats to identify embedded threats and integrates with CI/CD, cloud, and ITSM tools to automate testing, enforce policies, and establish security guardrails. It supports continuous, customized, and extensive coverage for third-party software and open source components. See how.

[On-Demand] Saviynt Demo

Saviynt Enterprise Identity Cloud Demo

[On-Demand] Uptycs: The First Unified CNAPP & XDR Solution

Secure laptop to cloud with one unified solution. Find and remove critical risks in your modern attack surface—cloud, containers, and endpoints—all from a single UI and data model.
