2021 SecurityWeek CISO Forum, Presented by Cisco: Full Schedule

Welcome to the interactive schedule for SecurityWeek’s CISO Forum, Presented by Cisco! (For full event information visit the conference website.) Click Here to Register.

11:00am EDT

Welcome Address

Tuesday September 14, 2021 11:00am - 11:05am EDT

Main Stage

11:05am EDT

Fireside Chat With Peloton CISO Adrian Stone

Adrian Stone, Vice President and Chief Information Security Officer (CISO) at Peloton Interactive, joins SecurityWeek for a live discussion on building a modern security program to defend expanding attack surfaces.

Expect a lively discussion on security incident response, security engineering, software development, governance, risk management, and compliance, for both product and enterprise security functions.

Login to Watch

Moderators

Ryan

Editor-at-Large, SecurityWeek

Ryan Naraine is Editor-at-Large at SecurityWeek and host of the Security Conversations podcast series. A journalist and cybersecurity strategist with more than 20 years experience covering IT security and technology trends, Ryan has built security engagement programs at major global... Read More →

Speakers

Adrian Stone

VP, CISO, Peloton

Tuesday September 14, 2021 11:05am - 11:45am EDT

Main Stage

11:45am EDT

Identity-Focused Security for Your Zero Trust Journey

With increasingly distributed workforces and the rise in identity-based attacks, identity has become the de facto perimeter for organizations today. Identity is the foundation of a zero trust architecture, as you need to ensure the right people have the right level of access, on the right device, to the right resource, in the right context. Learn how a comprehensive, identity-first security strategy can tie the complexities of protecting people and assets together in a seamless experience.

Login to Watch

Speakers

Ryan Terry

Sr. Solutions Product Marketing Manager, Okta

Ryan Terry is a Sr. Solutions Product Marketing Manager at Okta, focused on security solutions. Ryan brings more than 8 years of experience in cybersecurity and previously worked at Proofpoint and Symantec. Ryan has a Master's of Business Administration (MBA) from Brigham Young U... Read More →

Tuesday September 14, 2021 11:45am - 12:10pm EDT

Main Stage

12:10pm EDT

Designing and Architecting Security for a Hybrid World

Login to Watch

As organizations shift to flexible, hybrid workforce environments, IT and security teams are managing more devices than ever, with employees accessing business data across more locations, networks, and devices. While the hybrid model might be the new normal, not all organizations are set up to successfully “work from anywhere.”

There’s no one-size-fits-all solution for how businesses should realize secure hybrid work environments, so organizations must be strategic around planning their specific approaches to securing distributed working environments.

Join this session as Cisco’s Shaila Shankar covers:

The technical – and cultural – elements of a designing a secure hybrid workforce environment that supports successful digital transformation
Real-life examples of cybersecurity concerns that threaten hybrid workforce environments
Cisco’s approach to cloud security for all, no matter where organizations are in their cloud-adoption journey

Speakers

Shaila Shankar

SVP and General Manager of Cisco Cloud Network and Security, Cisco

Shailaja Shankar is Senior Vice President and General Manager of the Cloud Network and Security (CNS) business unit within Cisco’s Security Business Group (SBG). In this role, Shailaja is focused on delivering the industry’s most innovative solutions in the SASE market and leading... Read More →

Tuesday September 14, 2021 12:10pm - 12:30pm EDT

Main Stage

12:30pm EDT

Break: Please Visit Sponsor Booths and Solutions Theater

Tuesday September 14, 2021 12:30pm - 12:45pm EDT

Break - Visit Exhibit Hall

12:45pm EDT

Strategies for Securing Your Cloud Journey

Cloud is a journey that most all of us are on or soon will begin. This presentation will talk about some key strategies for establishing a security posture, methods for discovering security gaps. And best practices for securing your cloud platforms.

Login to Watch

Speakers

Paul Calatayud

Chief Security Officer, Palo Alto Networks

Paul Calatayud serves as America’s Chief Security Officer for Palo Alto Networks. Prior to his role with Palo Alto Networks, Paul was Chief Technology Officer for FireMon, leading business development, corporate development, and product strategy. Paul is a two-time CISO and lead... Read More →

Tuesday September 14, 2021 12:45pm - 1:25pm EDT

Main Stage

1:30pm EDT

Winning Hearts and Minds on the Board

In many organizations today, intelligence and security are out of sync. Teams and objectives are siloed, analysis lacks relevance, and the response is slow and reactionary — resulting in lost time and wasted resources. To drive down risk while achieving meaningful operational outcomes, intelligence must be embedded into the core of every security workflow, function, and decision. This requires a unified approach for collecting, analyzing, and automating data and insights.

Login to Watch

Speakers

Levi Gundert

Sr. VP, Global Intelligence & Customer Success, Recorded Future

Levi Gundert is SVP of Global Intelligence at Recorded Future where he leads the continuous effort to measurably decrease operational risk for customers. He has spent the past 20 years in both government and the private sector, defending networks, arresting international criminals... Read More →

Tuesday September 14, 2021 1:30pm - 2:00pm EDT

Main Stage

2:00pm EDT

Measuring Security and Building Trust with Leadership: Enabling Transformation Through Testing

The acceleration of digital transformation over the last year has put increasing pressure on security executives to drive new approaches to their cybersecurity strategy, increase resilience, and decrease security and legal risk. Organizations and security professionals across industries are taking proactive measures to strengthen their defenses while fully engaging corporate leadership in these approaches. During this session we will discuss top risks enterprises face today, key tactics for risk mitigation, and how to build trust with leadership by understanding the full breadth of their risk calculations and adopting agile and innovative solutions.

Login to Watch

Speakers

Peter Blanks

Chief Product Officer, Synack

Brock Dahl

Counsel, Former Deputy General Counsel at the National Security Agency, Freshfields Bruckhaus Deringer

Brock Dahl is Counsel at global law firm Freshfields Bruckhaus Deringer and former Deputy General Counsel at the U.S. National Security Agency.

Tuesday September 14, 2021 2:00pm - 2:40pm EDT

Main Stage

2:40pm EDT

Break: Please Visit Breakout Sessions

Tuesday September 14, 2021 2:40pm - 2:45pm EDT

Break - Visit Exhibit Hall

2:45pm EDT

From Email to Firmware Implant, in Less Than 3 Minutes

Login to Watch
Firmware security has become one of the most talked-about challenges in recent years, on the heels of supply chain, ransomware and nation state actors leveraging firmware attacks to persist indefinitely or brick devices at the motherboard level.

Against this backdrop, organizations are faced with threats that can originate via firmware, and threats that can move from the operating system down to the firmware. In either scenario, detection proves to be difficult, given the entirety of the security stack exists only above the OS, in the cloud, and on the network. Ironic, given all of these themselves rely upon the devices and firmware they sit atop. Indeed, this is the main advantage for attackers, and it buys them back the time and power they need to accomplish any objective, whether destruction, disruption, profit or espionage. Imagine clicking an email attachment and having a user’s device be implanted at the firmware level. How would you detect this scenario in your own organization? Is it even possible to do so?

In this presentation we will lay out these concepts, provide examples of recent actors and campaigns targeting firmware, explore where firmware-level attacks appear in MITRE ATT&CK to place them in context, and finally, show a demonstration of an attack that starts with an email attachment, and ends with eyes wide open.

Speakers

Scott Scheferman

Office of the CTO - Strategy, Speaking, Threat Landscape, Eclypsium

Tuesday September 14, 2021 2:45pm - 3:15pm EDT

Breakout

2:45pm EDT

Make Appsec Tools Seamless In Devops Pipelines

Testing modern application security requires a variety of tools to scan different aspects. Static application security testing (SAST) for issues in custom code. Software composition analysis (SCA) for known open source vulnerabilities. Dynamic application security testing (DAST) for runtime flaws. Gartner recommends taking a "shift-left" approach and invest in automation to improve productivity. Early feedback allows developers to address issues and avoid security risks.

Join this session to learn how Synopsys Intelligent Orchestration:

Simplifies integration of security testing tools into the CI/CD pipeline
Identifies the most appropriate AppSec activities based on pipeline context
Ensures seamless feedback to developers and enforce policies at enterprise scale

Speakers

Simon King

VP of Solutions, Synopsys

Simon King is VP of Solutions at Synopsys Software Integrity Group. He is a thought leader and innovator in DevOps with experience in SaaS, testing, and security. He has lead product teams at industry leading companies such as BMC and multiple SaaS startups to help Synopsys SIG customers... Read More →

Tuesday September 14, 2021 2:45pm - 3:15pm EDT

Breakout

3:15pm EDT

Navigating SBOMs and Supply Chain Security Transparency

The recent cybersecurity executive order from the White House mandates a bill of materials for software (SBOM) purchased by the Federal Government. This presents new opportunities and challenges for software producers and security teams. During this panel, we will discuss specific ways an SBOM can improve supply chain security and where expectations may be overblown. We will cover edge cases that are turning out to be more troublesome than anticipated. Lastly, we will discuss what might come next after SBOM and where there are opportunities for innovation (e.g., new tooling or standards) on top of SBOMs.
Login to Watch

Moderators

Sounil Yu

CISO, JupiterOne

Sounil Yu is a cybersecurity executive with more than 30 years of hands-on security experience. He is the creator of the Cyber Defense Matrix and the DIE Resiliency Framework, serves on the board of SCVX Corp and the FAIR Institute, teaches security as an Adjunct Professor, co-chairs... Read More →

Speakers

Summer Craze Fowler

CISO/CIO, Argo AI

Summer Craze Fowler is the CIO/CISO at Argo AI, a software company focused on changing the world by building self-driving technology. She is a leader in cyber security with more than 19 years of experience in risk management and software engineering. She came to Argo AI from Carnegie... Read More →

Allan Friedman

SBOM Champion, Cybersecurity and Infrastructure Security Agency (CISA)

Dr. Allan Friedman is an SBOM champion at the U.S. government's CISA (Cybersecurity and Infrastructure Security Agency). Prior to joining CISA, he served as Director of Cybersecurity Initiatives at National Telecommunications and Information Administration in the US Department of... Read More →

Steve Springett

Chair, CycloneDX Core Working Group

Steve educates teams on the strategy and specifics of developing secure software. He practices security at every stage of the development lifecycle by leading sessions on threat modeling, secure architecture and design, static/dynamic/component analysis, offensive research, and defensive... Read More →

Tuesday September 14, 2021 3:15pm - 4:00pm EDT

Panel

4:00pm EDT

[Panel] Ransomware and the Cyber Insurance Ecosystem, What’s Next?

The ongoing ransomware epidemic is causing a major disturbance in the cyber insurance ecosystem. With ransomware accounting for about 75 percent of all insurance claims, cyber insurance is no longer a profit center for the major insurance giants and the trickle-down effects are starting to take hold. The last year has seen a massive increase in cyber insurance premium prices and some insurance policies are being radically restructured to limit payouts linked to ransomware attacks.

This panel of CISOs and security leaders will discuss the state of cyber insurance and offer ideas and guidance for businesses to navigate ransomware recovery efforts.

Moderators

Ryan

Editor-at-Large, SecurityWeek

Speakers

Jonathan Jaffe

CISO, Lemonade

Jonathan is the CISO at Lemonade Insurance, a InsurTech company changing insurance for the better. He's been designing and implementing security solutions since 1997. He is a founding member of Silicon Valley CISO Investments, and is an active participant in Israel's security start-up... Read More →

Evan D. Wolff

Partner, Crowell & Moring

Evan D. Wolff is a partner in Crowell & Moring's Washington, D.C. office where he is co-chair of the firm's Privacy & Cybersecurity Group and a member of the Government Contracts Group. Evan has a national reputation for his deep technical background and understanding of complex cybersecurity... Read More →

Tuesday September 14, 2021 4:00pm - 4:45pm EDT

Panel

4:45pm EDT

End of CISO Forum Day 1 Live Sessions

We hope you enjoyed the sessions from Day 1 of the 2021 CISO Forum, Presented by Cisco! Be sure to login again tomorrow starting at 11AM EST for a fantastic lineup of talks and panel discussions! Missed a session of interest? You can now watch Day 1 sessions on demand. Virtual exhibits are still open!

Tuesday September 14, 2021 4:45pm - 5:00pm EDT

Break - Visit Exhibit Hall

11:00am EDT

[Panel] The CISO’s Guide to Building a Security Dream Team

According to data from the U.S. government’s Cybersecurity and Infrastructure Security Agency (CISA), there are upwards of 500,000 unfilled cybersecurity roles across the public and private sectors in the U.S., a labor shortage that presents a national cybersecurity risk.

In this seller’s market, CISOs and their HR partners are forced to find new ways to find, recruit and retain talent. Join this panel to hear directly from CISOs on the cybersecurity labor shortage, the nuances of recruiting and retaining talent in a seller’s market, and the tips to build and scale modern security program.

Moderators

Fredrick 'Flee' Lee

Chief Security Officer, Gusto

Fredrick "Flee" Lee is the Chief Security Officer at Gusto, where he leads information and physical security strategies including consumer protection, compliance, governance and risk. Before Gusto, Lee spent more than 15 years leading global information security and privacy efforts... Read More →

Speakers

Lisa Hall

Director of Information Security, PagerDuty

Lisa Hall is the Director of Information Security at PagerDuty where she heads the Information Security and Compliance programs. With over 14 years experience in the information security field, she is focused on building security programs from the ground up, strategic planning, risk... Read More →

Brett Starr

Managing Partner, Hitch Partners

Brett Starr has 30 years of industry experience including 15 years in Leadership Talent Acquisition where he Co-Founded Hitch Partners with Michael Piacente to focus on placing Cybersecurity executives. Thus far the Hitch Partners team has placed 50+ CISOs/Security Leaders in companies... Read More →

Lena Smart

CISO, MongoDB

Lena Smart joined MongoDB with more than 20 years of cyber security experience. Before joining MongoDB, she was the Global Chief Information Security Officer for the international fintech company, Tradeweb, where she was responsible for all aspects of cybersecurity. She also served... Read More →

Caleb Sima

CISO, Robinhood

Caleb Sima is the Chief Security Officer at Robinhood, a stock brokerage platform for stocks, options, ETFs and cryptocurrencies with zero commission. Prior to Robinhood, Caleb was the Vice President of Information Security at Databricks, a leading data analytics and machine learning... Read More →

Wednesday September 15, 2021 11:00am - 11:45am EDT

Panel

11:45am EDT

The Past, Present, and Future of Strong Authentication

Authentication is a foundational element of every cybersecurity program. With more than 80% of data breaches and most ransomware incidents stemming from credential-based attacks (e.g., phishing, credential stuffing, RDP brute, etc.), it has become clear that passwords are a fatally flawed authentication method. Unfortunately, many common solutions are “band-aids” on top of passwords and are lacking from both a security and user experience perspective. Replacing passwords as an authentication factor is finally possible. While eliminating passwords is a critical step in stopping credential-based attacks, it is just a first step on the journey to advanced authentication and access control needed to achieve zero trust.
Discussion points in this presentation will include:

A brief history of authentication
Changing requirements in the new work from home(or anywhere) business model and cloud-centric architectures
Can we gain risk-reduction improvements by converging the traditionally disparate identity and security processes and technologies?
A case for continuous user authentication
What is device risk and why is the real-time assessment of endpoint security important

Speakers

Dr. Jasson Casey

Chief Technology Officer, Beyond Identity

Jasson has served as CTO of SecurityScorecard, VP of Engineering at IronNet Cybersecurity, Founder and Executive Director of Flowgrammable as well as Compiled Networks, VP of VoIP Product Development at CenturyTel, among other technical and executive roles. Jasson received a bachelor’s... Read More →

Wednesday September 15, 2021 11:45am - 12:15pm EDT

Main Stage

12:15pm EDT

Key Insights to Prevent Never-Before-Seen Cyber Attacks

Traditional cybersecurity infrastructure can’t stop new and emerging threats, particularly in the email channel, and cybercriminals are constantly changing their methods to stay one step ahead. Your employees are continuously being targeted, and you must protect them from these attacks—often ones that have never been seen before. Fortunately, there are insights you can use to protect your company and your employees.

Join this fireside chat as we discuss strategies for staying ahead of the ever changing threat landscape. Theresa Payton, first female White House CIO and leading cybersecurity expert, and Mike Britton, CISO at Abnormal Security, will discuss:

How and why cybercriminals change their methods to create new, never-before-seen threats
What tactics can be used to to block emerging threats before they reach your employees, and
What you can do today to protect your organization from new, high-risk threats

Speakers

Theresa Payton

Star of CBS TV series, “Hunted”, and Leading Cybersecurity Expert, Former White House CIO

Payton is the cybersecurity expert that organizations turn to for discreet help during data breaches and to improve IT systems and strategies. She made history as the first female to serve as White House Chief Information Officer and currently helps organizations in both the public... Read More →

Mike Britton

CISO, Abnormal Security

Mike is a 25-year information security veteran who joined Abnormal Security after serving as Global Chief Security and Privacy Officer at Alliance Data, a $4.5 billion provider of data-driven marketing, loyalty and payment solutions. In addition to leading all aspects of Alliance... Read More →

Wednesday September 15, 2021 12:15pm - 12:45pm EDT

Breakout

12:15pm EDT

Securing The Public Cloud Journey

Discovering and Preventing Security Risks in Cloud Environments

Speakers

Derek Broadwater

Prisma Cloud Solutions Architect, Palo Alto Networks

Derek Broadwater is a Prisma Cloud Solutions Architect at Palo Alto Networks. He joined the organization in late 2020. Over the last several years, Derek has served as a technical pre-sales architect helping customers solve for their cloud infrastructure, networking, and security... Read More →

Wednesday September 15, 2021 12:15pm - 12:45pm EDT

Breakout

12:45pm EDT

Break: Please Visit Sponsor Booths

Wednesday September 15, 2021 12:45pm - 1:00pm EDT

Break - Visit Exhibit Hall

1:00pm EDT

Secure Access Service Edge (SASE) Industry Trends

In this roundtable discussion, Matt Garr and Omri Guelfand, who lead Cisco’s Product Management for Secure Access Service Edge (SASE), will discuss their perspectives on key industry trends, what they are seeing with key customers, and answering some of the most frequently asked questions about SASE.

Speakers

Matt Garr

Director, Product Management, Cisco

Matt Garr is Director of Product Management in Cisco’s Cloud and Network Security Group, where he leads Cisco’s product development for the Secure Access Service Edge. He has held a variety of leadership roles at Cisco in the Next-Generation Firewall and Enterprise Networking... Read More →

Negisa Taymourian

Product Marketing Leader, Cisco

Negisa Taymourian is a Product Marketing Leader for Cisco Umbrella. As a cybersecurity enthusiast, Negisa loves sharing with the world how security solutions can help organizations protect against attacks.Negisa’s interests include encouraging young women to pursue STEM majors and... Read More →

Omri Guelfand

Director, Product Management, Cisco

Omri Guelfand is the product leader for the Network as a Service (NaaS) portfolio. In this role, he brings together Cisco's networking, observability, and security capabilities and technologies to create unified outcome-focused subscription offers that are easy to consume, simple... Read More →

Wednesday September 15, 2021 1:00pm - 1:30pm EDT

Breakout

1:00pm EDT

Three Key Information Protection Use Cases for Security Leaders

Our world has changed, and our risks have changed both due to the global pandemic and due to digital transformation and the adoption of cloud. Security leaders need to adapt their information protection strategy to account for three key use cases to protect information in the modern digital landscape. This session will cover three key use cases and types of scenarios that should be included in any modern approach to protecting your organization’s information.

Speakers

Brian Reed

Proofpoint, Information Protection Evangelist

Brian Reed is an Information Protection Evangelist at Proofpoint. He comes to Proofpoint from Gartner where he focused on a wide variety of topics - cloud security, data security, incident response, insider threats and security awareness. Since 2015, he published over 50 thought-leading... Read More →

Wednesday September 15, 2021 1:00pm - 1:30pm EDT

Breakout

1:30pm EDT

Defenders Playbook for Attack Simulation and Security Posture Validation

Learning from the mistakes of the past, the newest generation of Posture Security Validation combining BAS (Breach Attack Simulation), CART (Continuous Automated Red Teaming), Purple Teaming and ASM (Attack Surface Management) into a comprehensive solution has become essential and strategic to the enterprises who have adopted them.

Join this CISO Forum session to learn the requirements for an effective Security Posture Validation solution and:

How CISOs can:
- Quickly evaluate and decide what parts of their cybersecurity portfolio to keep, what to get rid of and what to buy.
- Have confidence that their investment in cyber security is optimized.
- Easily explain enterprise risk and how to reduce it.
- Know their organization is secure and in the unlikely event of a breach, recover gracefully.
How security practitioners can:
- Be confident in knowing that these innovative solutions are comprehensive covering all stages of the kill chain.
- Know that a security tool can be easily implemented and managed with their existing staff
- Be confident in their ability to find gaps, misconfigurations, and vulnerabilities to shore up and optimize their security posture.
- Know when new attacks or vulnerabilities occur in the wild and easily and quickly test to see if these new threats affect their enterprises

Speakers

David Klein

Cyber Evangelist, Cymulate

Dave Klein is a veteran cybersecurity professional with extensive enterprise, US federal and state and local government experience. He has worked on many incident response cases and worked on the Presidential Directive for Critical Infrastructure Security and Resilience.

Wednesday September 15, 2021 1:30pm - 2:00pm EDT

Breakout

1:30pm EDT

How Hacker's Hack: Attacker Methodology & Exploitation Demo

In this deep dive discussion, Synack Solutions Architect and Red Team Expert, Jeremiah Roe takes a practical approach to the attacker lifecycle. He walks through each of the 7 steps of the kill chain, from Reconnaissance to Actions on Objectives, providing live demonstrations and tools. Security practitioners will come away from the workshop with a deeper understanding of the adversarial mindset and ways to apply an intelligence-driven defense model to identify, detect and prevent intrusions by threat actors.

In this session you'll learn:

How the adversary applies the kill chain: We share the 7-step process of the attacker lifecycle and methodologies with an in-depth demonstration of the kill chain.
How to Add Rigor to Your Pentesting: Where traditional penetration testing stops and crowdsourced penetration testing probes further.

Speakers

Jeremiah Roe

Solutions Architect and Red Team Expert, Synack

Jeremiah Roe is a Solutions Architect for the Federal and DoD space at Synack. As a solutions architect, he helps organizations understand and implement effective security from an offensive perspective. Jeremiah has an extensive background including work in the Marine Corps, network... Read More →

Wednesday September 15, 2021 1:30pm - 2:00pm EDT

Breakout

2:00pm EDT

Break: Please Visit Breakout Sessions

Wednesday September 15, 2021 2:00pm - 2:05pm EDT

Break - Visit Exhibit Hall

2:05pm EDT

Addressing Sophisticated Supply Chain Attacks Head On with No Source Code Required

How Binary Analysis Verifies Software Integrity While Preventing Tampering

As Gartner states, “By 2025, 45% of organizations worldwide will have experienced attacks on their software supply chains, a three-fold increase from 2021”. ReversingLabs has been at the forefront of detecting and analyzing threats and tampering activity in software and how these attackers take advantage of the gaps in application security visibility. This session will cover real-word examples of how binary analysis without source code can improve how we assure the integrity of software as we build and deploy it and thereby mitigate the risk of future supply chain attacks.

Speakers

Jasmine Noel

Senior Product Marketing Manager, ReversingLabs

Jasmine Noel is Senior Product Marketing Manager at ReversingLabs. Her career began as an industry analyst covering IT technologies. She then founded Ptak, Noel & Associates to provide research and marketing services to Fortune500 and startup technology firms. Prior to ReversingLabs... Read More →

Wednesday September 15, 2021 2:05pm - 2:35pm EDT

Breakout

2:05pm EDT

Mobile Safe Harbor and Business Continuity

In this session, you’ll discover:
• What safe harbor legal provisions are, and how WinZip Enterprise provides companies with this protection to avoid and/or block repercussions from data breaches.
• How WinZip Enterprise helps provide business continuity by providing “break the glass” functionality, which ensures improved access to data.
• How virtual data storage and the process of “vaulting” secrets (a method for securely protecting sensitive data) is preferable to traditional removable storage, e.g., encrypted USB sticks and fobs, which can be lost.

Speakers

Ravila White

Director of Global Cyber Security, WinZip Enterprise - Corel

Ravila White is the Director of Global Cyber Security for Corel. She has over 15 years of experience in Information Technology and Information Security career spanning non-profit, healthcare, e-commerce and education sectors. Prior to Corel she held various leadership positions at... Read More →

Wednesday September 15, 2021 2:05pm - 2:35pm EDT

Breakout

2:35pm EDT

Building and Sustaining TPRM Programs for Cyber Resilience

In this session, Alexander Heid will present best practices and practical tips on how your enterprise can leverage cyber ratings to create proactive visibility into your digital supply chain's ecosystem in order to identify risks and threats with the end goal of enabling resilience. We will discuss ways to leverage ratings to monitor, mitigate, and/or remediate risks that exist within the assets that you own and operate, as well as building a Third-Party Risk Management program to create proactive visibility into your full digital supply chain. The concepts of continuous monitoring, compliance vs security, event-driven assessments, breach impact and response will be covered. Additionally, the talk will go over other indicators of risk that can empower any infosec team with the actionable intelligence needed to mitigate cyber risk.

Speakers

Alexander Heid

Chief Research & Development Officer, SecurityScorecard

Alexander Heid serves as Chief Research & Development Officer at SecurityScorecard. Heid joined the company in June 2014 and has been instrumental in developing the company’s threat reconnaissance capabilities and building its security-centric platform. A recognized expert in the... Read More →

Wednesday September 15, 2021 2:35pm - 3:05pm EDT

Breakout

3:05pm EDT

[Panel] Pandemic In-CISOmnia - What Keeps CISOs up at Night?

Our popular CISO Insomnia panel returns with a special post-pandemic edition discussing how the sudden shift to remote work has radically altered security programs globally. We dig into the ransomware epidemic, cloud deployments and the expansion of attack surfaces, staying ahead of zero-day attacks, reporting to the board of directors, compliance, privacy, and more...

Speakers

Ryan

Editor-at-Large, SecurityWeek

Anne Marie Zettlemoyer

VP, Security Engineering, Mastercard

Anne Marie Zettlemoyer is a cyber-strategist with over 20 years of experience in eight industries. At the intersection of business, security and analytics, Zettlemoyer has served as a trusted advisor for Fortune 500 companies, government agencies, startups and think tanks. She is... Read More →

Aanchal Gupta

VP, Azure Security, Microsoft

Aanchal Gupta is Vice President, Azure Security, at Microsoft. She has previously held cybersecurity leadership roles at Facebook, Microsoft for Skype and Skype for Business. Aanchal also led Yahoo’s Global Identity team, contributing to various authentication and authorization... Read More →

Lena Smart

CISO, MongoDB

Marc Rogers

Executive Director, Cybersecurity, Okta

Marc Rogers is the Executive Director of Cybersecurity at Okta. With a career that spans more than twenty years, he has been hacking since the 80's and is now a white-hat hacker. Prior to Okta, Marc served as the Head of Security for Cloudflare and spent a decade managing security... Read More →

Wednesday September 15, 2021 3:05pm - 4:00pm EDT

Panel