Explore creative ways of developing your talent pool including taking an active role in partnering with local universities to train tomorrow’s security teams.

The last couple of years saw the largest and most rapid work transformation in history. The Security and IT workforce is now more distributed and diverse than ever before – and the transformation isn’t stopping. How can you unify your security and IT teams and accelerate how they identify, prevent and respond to threats?
Today, the cyberattack surface is inclusive of living rooms, kitchens, home networks and personal devices. This climate creates an attractive space for hackers who are employing a more diverse range of attacks. According to the VMWare Global Security Insights Report, almost 80% of those surveyed said the vast increase of attacks over the last 18 months was a direct result of more employees working from home.
It is crucial to build a strategy that secures your organization, shifting from a reactive security posture to a position of strength. So how can we seamlessly secure endpoints, workloads, data, clouds and networks so users have flexibility and can remain agile?
It all starts with unifying your security and IT teams. Within this panel discussion we will be exploring this concept as well as how to leverage your infrastructure to best secure your organization.

•How has the vast increase in remote working impacted your organization when it comes to security? Have you seen an uptick in threats? What key challenges are you facing?
•What steps are you taking to protect your business from attacks? How are you identifying, preventing, and responding to threats with the right context and insights?
•What are your best practices when it comes to breaking down the siloes between security and IT for effective long term digital transformation strategies? How can we unify these teams and alleviate tensions? Should the CISO report to the CEO/ board vs. the CIO?
•How has the evolving threat landscape, sophistications and volumes impacted your security & IT teams when it comes to protecting workforces and workspaces? What action are you taking to remain one step ahead?
•What should be the top priority for the organization moving forward when thinking about a "work from anywhere" approach?
•User training is crucial when it comes to best practice cyber security and mitigating risks. How can the CISO create a considered, personalised approach in order to build both an effective first line of threat defence, and a security-aware corporate culture?

The talent shortages within security organizations are well known, especially when considering the critical skills required from cyber professionals. For many leaders the question of how to stay secure amid a talent crises seems to be the most important consideration. Yet even for organizations that have what they would consider a quality bench of cyber talent, the threat is only increasing and as such resilience needs to be considered together with perceived security levels.

This roundtable track explores the following key questions:
•How much progress are companies making in developing cyber talent outside of traditional channels?
•How do you develop policies and processes that strike a balance between protecting critical assets, detecting compromises and responding to incidents?
•What does it mean to create a cyber- resilient culture that sees the whole organisation as security champions?

Security leaders are increasingly having to consider speed of business, people being able to do business beyond boundaries, and how can they enable the business rather than just protect it. A key and growing foundation for increased agility and collaboration is the cloud and security leaders need to consider how cloud security innovation drives innovation in general.

This roundtable explores the following key questions:
•How is the migration to cloud providing new innovation opportunities for the business that need to be navigated and enabled by security?
•What does the current cloud security innovation ecosystem look like and where do security leaders need to show more leadership?

The days of releasing a product into the wild and addressing bugs in subsequent patches are gone. Today organisations gave to build security into all stages of the software development cycle and due to increasing scale, automation and cost this will only become more important. Yet knowing whether these processes should be top down or bottom up together with the resulting impact on implementation costs, remediation time and vulnerabilities of each approach is of key concern. To ensure that companies are putting out innovative products that will protect the consumer and the business, security leaders need to appreciate which SSDLC approaches and technologies will work best.

This roundtable track considers the following questions:
•How are the current market conditions and the pressure on companies to innovate digital experiences more quickly, putting pressure on SSDLC’s?
•How will SSDLC’s change in what is becoming the democratised age where different functions have greater control over their digital destinies?

Security organizations have become efficient practitioners of identifying and reporting security gaps. While this meets expectations from a security standpoint, it does not help our business to understand its operational risk, prioritize work, or make strategic decisions. This talk sheds light on how to mature your security team into an organization that can move beyond security gaps to effectively enable your business to make smart risk-based decisions.

A study by the Marsh McLennan Cyber Risk Analytics Center found that poor performance in many BitSight analytics is statistically significant and correlated with the likelihood of experiencing a cybersecurity incident. Join BitSight’s Derek Vadala to walk through this research and takeaways.

Join us to learn:
•The 14 BitSight analytics that correlated to cybersecurity incidents
•Recommendations to improve programmatic areas in your cybersecurity strategy
•Performance areas to prioritize to achieve better cyber insurance coverage and terms

Many organizations cannot keep up with the pace of innovation without relying on a larger ecosystem of partners to provide key capabilities. The API management market size is expected to grow from USD 4.5 billion in 2022 to USD 13.7 billion by 2027 according to research by Markets&Markets. The most critical API security risks include: Broken object level, user- and function-level authorization, excessive data exposure, lack of resource, security misconfiguration, and insufficient logging and monitoring. The implications of these and other risks are huge. This panel explores how the modern CISO prepares for a future where for their companies ability to compete requires the management of a more complex innovation ecosystem.