Event Schedule

Times for this Event are in Central Time (CDT/CST).

The Summit will be open from 8:30 AM to 5 PM.

• Welcome / Introductions
• IAM + WFH - Authentication vs Authorization 9:10 am
  Add to Calendar20220505 9:10 am20220505 9:30 amAmerica/ChicagoIAM + WFH - Authentication vs Authorization

  The “perimeter” concept for organizational security… The castles and moats analogy no longer applies… As we all went to Work From Home quickly – we tested the boundaries of identity and authentication.

  Join this session to discuss the concepts and trends shaping identity and authentication, from IAM to passwordless, and PAM to zero-trust. 

   

  .

  The “perimeter” concept for organizational security… The castles and moats analogy no longer applies… As we all went to Work From Home quickly – we tested the boundaries of identity and authentication.

  Join this session to discuss the concepts and trends shaping identity and authentication, from IAM to passwordless, and PAM to zero-trust. 

   

  Click to Expand

  Collapse This Item

• Managing Risk: Seek Forward Accountability and Assume a Stormy Seas 9:40 am
  Add to Calendar20220505 9:40 am20220505 10:00 amAmerica/ChicagoManaging Risk: Seek Forward Accountability and Assume a Stormy Seas

  While managing risk has always been a part of the CISO office, most resources turn to stopping new ransomware threats, managing supply chain attacks and mitigating third-party vulnerabilities. How can CISOs truly move to managing risk? And by extension, how can they clearly communicate risk, and measure the efficacy of mitigation activities? 

  Join this session to learn how to facilitate the risk conversation with non-technical leaders, determine priorities, and counterbalance cybersecurity considerations against business requirements. This session will also address risk quantification, accounting, budgeting and resourcing, and building more resilience rather than taller walls.

  .

  While managing risk has always been a part of the CISO office, most resources turn to stopping new ransomware threats, managing supply chain attacks and mitigating third-party vulnerabilities. How can CISOs truly move to managing risk? And by extension, how can they clearly communicate risk, and measure the efficacy of mitigation activities? 

  Join this session to learn how to facilitate the risk conversation with non-technical leaders, determine priorities, and counterbalance cybersecurity considerations against business requirements. This session will also address risk quantification, accounting, budgeting and resourcing, and building more resilience rather than taller walls.

  Click to Expand

  Collapse This Item

• Expert Panel Discussion: Mobile Device Security 10:15 am
  Add to Calendar20220505 10:15 am20220505 10:45 amAmerica/ChicagoExpert Panel Discussion: Mobile Device Security

  Mobile devices are omnipresent for everyone in our society. Providing email, file access, even physical access and authentication has been made easily accessible via our use of these devices. At the same time, users are five times more likely to click on a phishing email on their smartphone versus desktop, file access and authentication can be exposed via a lost device, and a host of other vulnerabilities exist.  Corporate-provided assets could be one answer, but it’s simply not feasible for every organization, and moreover – users are looking to connect whenever and wherever they are (even as they are at home a lot these days). 

  Our expert panel will contemplate several approaches to this challenge. 

  .

  Mobile devices are omnipresent for everyone in our society. Providing email, file access, even physical access and authentication has been made easily accessible via our use of these devices. At the same time, users are five times more likely to click on a phishing email on their smartphone versus desktop, file access and authentication can be exposed via a lost device, and a host of other vulnerabilities exist.  Corporate-provided assets could be one answer, but it’s simply not feasible for every organization, and moreover – users are looking to connect whenever and wherever they are (even as they are at home a lot these days). 

  Our expert panel will contemplate several approaches to this challenge. 

  Click to Expand

  Collapse This Item

• Cloud Clarity in 2022: Strategy, Execution & Alignment 11:00 am
  Add to Calendar20220505 11:00 am20220505 11:20 amAmerica/ChicagoCloud Clarity in 2022: Strategy, Execution & Alignment

  Securely optimizing the cloud for better business outcomes is the product of clear communication of terms and expectations, alignment with business processes and functions, and partnerships among multiple internal and external stakeholders. “Activity” does not equal “progress.”  In this session, attendees will hear about creating definitional clarity, building adaptability, and creating cross-functional, business-wide alignment. 

   

  .

  Securely optimizing the cloud for better business outcomes is the product of clear communication of terms and expectations, alignment with business processes and functions, and partnerships among multiple internal and external stakeholders. “Activity” does not equal “progress.”  In this session, attendees will hear about creating definitional clarity, building adaptability, and creating cross-functional, business-wide alignment. 

   

  Click to Expand

  Collapse This Item

• Supply Chain & Third Party Risk Management 11:30 am
  Add to Calendar20220505 11:30 am20220505 11:50 amAmerica/ChicagoSupply Chain & Third Party Risk Management

  A supply chain encompasses the entire network of all the individuals, organizations, resources, activities and technology involved in the creation and sale of a product.  The ultimate goal of an effective supply chain is lower costs of doing business thus resulting in higher profits and improved customer satisfaction.  The process of bringing in a third party involves identifying, assessing and controlling all the various risks that can develop over the entire lifecycle of such relationships. 

  Join this session to drive into how sophisticated attackers can live quietly inside even organizations with significant expertise and mature security processes. 

  .

  A supply chain encompasses the entire network of all the individuals, organizations, resources, activities and technology involved in the creation and sale of a product.  The ultimate goal of an effective supply chain is lower costs of doing business thus resulting in higher profits and improved customer satisfaction.  The process of bringing in a third party involves identifying, assessing and controlling all the various risks that can develop over the entire lifecycle of such relationships. 

  Join this session to drive into how sophisticated attackers can live quietly inside even organizations with significant expertise and mature security processes. 

  Click to Expand

  Collapse This Item

• Lunch Break
• Expert Panel Discussion: Ransomware: Prevention & Preparation 1:00 pm
  Add to Calendar20220505 1:00 pm20220505 1:20 pmAmerica/ChicagoExpert Panel Discussion: Ransomware: Prevention & Preparation

  Unless you’ve been under a rock, you’ve seen some big ransomware headlines. Moreover, ransomware-as-a-service changes the way many cyber leaders think about this topic, and changes some of the economics related to it. In this panel, our experts will talk about best practices, tactics and tricks for prevention and preparation. Sensitive data is put at risk, huge sums of money are in the balance, and organizations must struggle between expediency and the bottom line. 

  .

  Unless you’ve been under a rock, you’ve seen some big ransomware headlines. Moreover, ransomware-as-a-service changes the way many cyber leaders think about this topic, and changes some of the economics related to it. In this panel, our experts will talk about best practices, tactics and tricks for prevention and preparation. Sensitive data is put at risk, huge sums of money are in the balance, and organizations must struggle between expediency and the bottom line. 

  Click to Expand

  Collapse This Item

• Managing the Insider Threat 2:00 pm
  Add to Calendar20220505 2:00 pm20220505 2:20 pmAmerica/ChicagoManaging the Insider Threat

  An adversary who attacks an organization from within can prove fatal to the business and is generally impervious to conventional defenses. Social science research has been used to explain why traditional methods fail against these trusted betrayers.  Every company must identify and utilize new management techniques, increase security, and revise workplace strategies for categorizing and defeating insider threats.

  There are key players in positions to either effectively support or undermine the insider threats.  Leadership style can make a difference in the way an institution recognizes and identifies these threats from rethinking background investigations to recognizing deception and using lawful disruption. Join this session to learn about how organizations must circumvent these predators before they jeopardize the workplace and sabotage business operations.

  .

  An adversary who attacks an organization from within can prove fatal to the business and is generally impervious to conventional defenses. Social science research has been used to explain why traditional methods fail against these trusted betrayers.  Every company must identify and utilize new management techniques, increase security, and revise workplace strategies for categorizing and defeating insider threats.

  There are key players in positions to either effectively support or undermine the insider threats.  Leadership style can make a difference in the way an institution recognizes and identifies these threats from rethinking background investigations to recognizing deception and using lawful disruption. Join this session to learn about how organizations must circumvent these predators before they jeopardize the workplace and sabotage business operations.

  Click to Expand

  Collapse This Item

• Beyond SolarWinds: Supply Chain & Third-Party Risk Management for 2022 2:30 pm
  Add to Calendar20220505 2:30 pm20220505 2:50 pmAmerica/ChicagoBeyond SolarWinds: Supply Chain & Third-Party Risk Management for 2022

  Even before SolarWinds Orion Code Compromise, Supply Chain Attacks were up over 400% in 2020. As we go into 2022, this attack vector will continue to  receive tremendous attention. Along with third-party risk in general, partner organizations and software systems with unfettered, privileged, deep access to infrastructure create a “perfect storm” threat for modern cyber executives.  

  In this session we will discuss these challenges in detail, as well as the multiple approaches to identify the best means of using supply chains while keeping the third-party risks at a minimum.

  .

  Even before SolarWinds Orion Code Compromise, Supply Chain Attacks were up over 400% in 2020. As we go into 2022, this attack vector will continue to  receive tremendous attention. Along with third-party risk in general, partner organizations and software systems with unfettered, privileged, deep access to infrastructure create a “perfect storm” threat for modern cyber executives.  

  In this session we will discuss these challenges in detail, as well as the multiple approaches to identify the best means of using supply chains while keeping the third-party risks at a minimum.

  Click to Expand

  Collapse This Item

• Expert Panel Discussion: Managing Risk in Today's Cybersecurity Landscape 3:15 pm
  Add to Calendar20220505 3:15 pm20220505 3:45 pmAmerica/ChicagoExpert Panel Discussion: Managing Risk in Today's Cybersecurity Landscape

  Risk comes from all angles. Users, vendors, partners, systems.  What can security teams improve when attempting to convey ‘risk’ to executive and board level people within an organization?

  In this panel, we will discuss some of the many facets encountered by security leaders in organizations of all sizes, with particular focus on the threat landscape seen across the region.

  .

  Risk comes from all angles. Users, vendors, partners, systems.  What can security teams improve when attempting to convey ‘risk’ to executive and board level people within an organization?

  In this panel, we will discuss some of the many facets encountered by security leaders in organizations of all sizes, with particular focus on the threat landscape seen across the region.

  Click to Expand

  Collapse This Item

• The Risk Management “Balance Sheet” 3:50 pm
  Add to Calendar20220505 3:50 pm20220505 4:10 pmAmerica/ChicagoThe Risk Management “Balance Sheet”

  Managing risk has always been a part of the CISO responsibility set; however, the ways in which it is managed has no clear definition. With new ransomware threats, supply chain attacks, and third-party risk in the mix – perhaps a new way to budget risk is required.  Is there an effective way to have a “risk balance sheet” – a way in which the CISO could communicate risk to the rest of the C-suite in a consistent language they would understand? 

  Attend this session to get these questions answered and more.

  .

  Managing risk has always been a part of the CISO responsibility set; however, the ways in which it is managed has no clear definition. With new ransomware threats, supply chain attacks, and third-party risk in the mix – perhaps a new way to budget risk is required.  Is there an effective way to have a “risk balance sheet” – a way in which the CISO could communicate risk to the rest of the C-suite in a consistent language they would understand? 

  Attend this session to get these questions answered and more.

  Click to Expand

  Collapse This Item

• The Evolution of the Threat: Hunting, Detection, & Response 4:15 pm
  Add to Calendar20220505 4:15 pm20220505 4:35 pmAmerica/ChicagoThe Evolution of the Threat: Hunting, Detection, & Response

  Nation-State attacks are not always focused on political or military adversaries. Recently, below-military-grade action can create havoc or destabilize adversaries, or manipulate markets.  Hard to trace and even harder to convict, they may affect stock price or even influence the outcome of elections. 

  Attend to talk about the problem, and see what US enterprises are doing to prepare themselves for these situations

  .

  Nation-State attacks are not always focused on political or military adversaries. Recently, below-military-grade action can create havoc or destabilize adversaries, or manipulate markets.  Hard to trace and even harder to convict, they may affect stock price or even influence the outcome of elections. 

  Attend to talk about the problem, and see what US enterprises are doing to prepare themselves for these situations

  Click to Expand

  Collapse This Item

• Cyber Executive RoundTable 4:40 pm
  Add to Calendar20220505 4:40 pm20220505 5:25 pmAmerica/ChicagoCyber Executive RoundTable

  Submit your bio for consideration to participate on our Cyber Executive RoundTable

  to [email protected] or fill out our Call for Speakers form here.

  .

  Submit your bio for consideration to participate on our Cyber Executive RoundTable

  to [email protected] or fill out our Call for Speakers form here.

  Click to Expand

  Panel Participants:

  Ashley Ewing

  Ashley Ewing

  CISO at The University of Alabama

  Collapse This Item

• Summit Closing