The Future of Cybersecurity

CISO Think Tank

February 23, 2022 - New York, NY

c-vision logo blk

February 23, 2022

Attend this event

Not available on February 23, 2022?
View other dates for the Think Tank

Agenda

All times Eastern Time
12:00 PM-12:30 PM
Welcome & Registration

12:30 PM-1:25 PM
Keynote Panel
Keynote Panel: Security Controls: Measuring Efficacy for the Business Growth

The industry is spending record amounts on cybersecurity tooling, but somehow CISOs still are at times left scrambling to respond to the vulnerabilities like Log4j. Assuming that these types of critical and far-reaching events are inevitable, how can CISOs further improve their organization’s preparedness for future cyberattacks?

This panel will discuss potential strategies for determining the critical security controls - both technology and behavioral - that can minimize cyber-risks and give the organization the competitive advantage to grow and innovate. We will explore frameworks for measuring the efficacy of cybersecurity investments, and KPIs that show the board the investment is safeguarding the company's digital infrastructure for the long term.


In partnership with

1:30 PM-2:15 PM
Fireside Chat: Technology Supply Chain

Many large enterprises in today’s fiercely competitive climate look toward optimizing its supply chain to increase business scale and agility. By harnessing a combination of technologies like artificial intelligence, machine learning, and predictive analytics, companies can automate and create new customer experiences that increase satisfaction and boost sales. Gaps remain in supply chain cyber security even as digitalization accelerates. By doing so, companies are left vulnerable to the growing risk of a cyber-attack. There are no shortage of stories illustrating the dangers of lax cyber security, with the biggest attacks able to utterly paralyze an operation and cause millions in losses. Despite this obvious danger, efforts to improve cyber security are progressing slowly. Future risks to the supply chain will involve software, cloud-based infrastructures, and hyper-converged products, rather than simply hardware. Even after many years of experience, capable CISOs find they may not be equipped to overcome the cybersecurity concerns that arise from building control contractors.


In partnership with

2:15 PM-2:30 PM
Networking Break

2:30 PM-3:25 PM
Keynote Panel: Being Effective…. Securely

In the post pandemic era, remote employment is the new status quo. Employers are forced to implement and improve the digital workplace by providing productivity tools and accessibility to company resources. In this session, we will share case studies of successful digital workplace implementations, including how to deal with the inherent security risks of expanded accessibility to company resources. In this session you will learn from real working examples the keys to implementing a successful digital workplace including how to evaluate the potential ROI from the different security strategies available.


In partnership with

3:25 PM-3:40 PM
Networking Break

3:40 PM-4:05 PM
Disruptor: Guarding the Doors: Navigating Risk From Third-Party Code

Open source libraries are widely leveraged by developers. In fact, 97 percent of the typical Java application is made up of open source libraries. But nearly 80 percent of developers never update third-party libraries after including them in codebase.

What does this mean for your applications? There is a good chance that your third-party libraries have undetected vulnerabilities. Scary, right?

The good news is that when alerted to vulnerabilities in open source libraries, developers tend to act quickly. This is especially true when developers understand how the vulnerability could impact their application.

Join us as we review our annual study on open source libraries, State of Software Security (SOSS) v12: Open Source Edition. We will explore the most popular open source libraries, how libraries are evaluated and selected, and how to eliminate risk by fixing vulnerabilities.


In partnership with

4:10 PM-5:05 PM
Panel: Human Security Engineering

90%+ of all losses result from attacks targeting users, honest users. A common solution to user error is awareness, but we need to fix the system that facilitated the creation of the error, the action, and the results, which means not just stopping errors but also accidents and malice. In this session we will share a model of Human Security Engineering identifying the optimal suite of countermeasures, and work through user targeting attacks to experience implementing the model. This talk will also look at a comprehensive strategy to address the insider threat, whether it results from malicious or well-meaning insiders, while detailing HSE and providing the resources required for attendees to follow up and consider how they can implement HSE to better mitigate their own insider threats.


5:05 PM-5:15 PM
Raffle & Closing Remarks

5:15 PM-6:30 PM
Cocktail Hour