Zero Trust – What do I need, how do I do it, where do I start?

CISO Council

November 10, 2022 - National


Nick Curcuru
Head of Solutions

Council Speaker

Nick Curcuru is a dedicated executive eager to solve cyber, data, and analytic challenges. He focuses on breaking down complex ideas into manageable projects, products, and services optimized for his customer’s needs. His unique skills as a data translator and storyteller enable him to bridge the gap between internal and external teams to ensure mutual success. Nick was selected as one of the top ten data futurists to watch by Enterprise Management 360 because of his successful 20 years in advanced analytics and cyber security. He was responsible for the creation of the global Enterprise Information and Cybersecurity and Privacy practice at Mastercard. He has consulted with the European Union, United States, Australian, British, and Canadian governments along with numerous commercial businesses on how to achieve PCI, HIPPA, GDPR, and Zero-Trust sustainable environments. He is on a mission to create environments where people and machines use information in a positive ethical way.
Steve Zalewski
Former CISO
Levi Strauss & Co.

Council Speaker

Mr. Zalewski currently provides CISO, security consulting and security advisory services. These include: • International cybersecurity advisor and trainer. • Executive advisory board member for security startups, providing guidance on security market direction and product requirements. • CISO advisory board member for venture capital firms internationally. • vCISO for companies requiring temporary or part-time CISO expertise. Services also include guidance and solutions to address incident response, security program design, security assessment, security due-diligence, vendor/supplier due-diligence, security architecture review, board reporting and other key security leadership requirements. Operational experience in Healthcare, Utilities and International Retail verticals. Key Strengths: •Organizational Management •Strategic Planning & Execution •Enterprise Security Architecture/Strategy •Executive and BOD Security Governance/Reporting •Cybersecurity Incident Response •Security Risk & Compliance Management Additionally, I co-hosts the CISOSeries Defense-in-Depth Podcasts and am a frequent speaker and panel moderator at industry events.
Kerissa Varma
Group CISO
Old Mutual Limited

Council Speaker

Kerissa Varma is the Group Chief Information Security Officer of Old Mutual Limited. Old Mutual is one of the largest financial services organisations on the African continent with a vast footprint across 13 African Markets. She manages Information Security with dispersed teams across Africa. She has a demonstrated history of building and scaling security capabilities in a number of industries including healthcare, telecommunications, transport, government and financial services and is a passionate advocate for technology and security.

Richard Rushing

Council Speaker

Mr. Richard Rushing is the Chief Information Security Officer for Motorola Mobility LLC.; Richard participates in several corporate, community, private, and government Security Council’s and working groups setting standards, policies, and solutions to current and emerging security issues. As Chief Information Security Officer for Motorola Mobility, he has led the security effort by developing an international team to tackle the emerging threats of mobile devices, targeted attacks, and cyber-crime. He organized developed and deployed practices, tools and techniques to protect the intellectual property across the worldwide enterprise. A much-in-demand international speaker on information security Richard has presented at many leading security conferences and seminars around the world.
November 10, 2022

Attend this event

Not available on November 10, 2022?
View other dates for the Council


All times Central Time
10:00 AM-11:15 AM
Zero Trust – What do I need, how do I do it, where do I start?
Organizations are asking these questions as they develop and implement their zero-trust approach to securing their networks. Most organizations understand what is needed from a people side to securing their networks, but they have trouble knowing what to do from a machine-to-machine approach to zero trust. This session will help you focus your efforts on what key capabilities are needed across the five pillars: network/environment, device, application workload, data, and identity. We will cover the abilities of the three foundational steps: visibility and analytics, orchestration and automation, and governance need to provide you to be effective with your machine-to-machine communication. At the end of the session, you will have the foundation for the development of the machine identity management strategy and action plan you need to implement zero-trust so you can build trust with your customers, constituents, partners, and within your organization.

In Partnership With