Security Digital Summit:Improved security for business resilience
Security Digital Summit
Security leaders are having to be more proactive in meeting the growing complexity of the Cyber threat which means more compliance, risk management and protection. Yet as the pandemic is waning, organisations and functions are trying to open up and be more responsive to client needs in an increasingly democratised age, Security leaders will have to strike a careful balance.
Why Attend
New connections
Build new connections with likeminded senior leaders
Business trends
Stay current with emerging business trends
Key takeaways
Downloadable and actionable takeaways
New partnerships
Accelerate key projects through meaningful new partnerships
Insights
De-risk new projects by gaining a broad range of insights
New technologies
Understand the impact new technology can make
Trusted by
We host global organizations with the conversations that matter. That’s why we’re trusted by these top brands.
Event Agenda
09:00 - 09:15
Opening Remarks
Intro & Diamond Commentary
09:15 - 09:45
Keynote
Geo-Politics
Geopolitical conflicts are rapidly manifesting themselves in the technology and digital world, with ramifications felt across regions and industries, and it's the security teams' role to keep it all in check.
At the same time, COVID-19's rapid expansion in connectivity has heightened the importance of concerns over reliance on foreign technology and its impact on national security.
Organizations will have to keep up with the increasingly complicated regulatory and cyber threat settings in which they operate in this climate.
09:45 - 10:25
Panel Discussion
Best Practices for Effectively Addressing Third-Party Security Risk
InfoSec, IT risk and digital supply chain management professionals know the key to minimizing the risk of third-party breaches is to implement a comprehensive and efficient third-party security risk management (TPRSM) process. This panel will discuss the increasing challenges surrounding third-party security as well as ways to efficiently and effectively manage the TPSRM process.
10:25 - 10:35
Insight Break
10:35 - 11:25
Roundtables
Track 1: Compliance Frameworks - How SOCs and Risk Teams are using the framework to communicate externally - to the C-Suite, Board and Insurance organizations.
While many mature SOC’s have been adopting the MITRE ATT&CK framework since its launch in 2015 to provide a global knowledge base of threat activity, techniques and models, it’s the outside of the SOC frameworks that business leaders, compliance and risk teams, risk insurers and industry are placing their emphasis on.
The session will discuss the link between compliance and the SOC and whether or not your organization is using these frameworks to protect your organizations against modern threats while providing evidence outside of the SOC to demonstrate adherence to the framework’s controls.
•What are the clear links between compliance and your organizations SOC?
•How is your business using these frameworks to protect the organization?
•Is it important to provide evidence outside of your SOC?
Track 2: A C't at the Boardroom Table - Where does the CISO fit in?
Boards have always found it simple to appreciate and justify the use of locks, keys, and cameras to protect essential infrastructure. However, as security risks have migrated deeper into cyberspace and become more complicated, it has become more difficult for boards to determine how effective information security officers are.
All of this is changing. Following the pandemic, boards are mandating organisational resilience and attempting to establish a brand that promotes an effective security culture. There are currently security committees that are monitored by qualified board members. Most importantly, cybersecurity risk as a fundamental determinant in third-party transactions and commercial engagements such as M&A, where security is increasingly becoming a competitive advantage desired by investors.
Track 3: The Challenges Around Securing Software Supply Chains
By 2025, 45% of organizations worldwide will have experienced attacks on their software supply chains (Gartner) which are only becoming increasingly complex due to the changes in how modern software is built. These trends, together with new federal regulations, requires organizations to take action to ensure the security and integrity of their software. But this is easier said than done.
During the session you will:
•Discuss how the software supply chain is becoming more complex and a greater attack vector
•Explore new challenges that this complexity is creating as well as new regulatory obstacles
•Discuss mitigation strategies throughout the software development processes and environment
11:25 - 11:30
Short Break
11:30 - 12:10
Masterclass Breakouts
Beyond Intrusion: Stop Attackers in their Tracks with the Network
There’s no doubt, cyber defense has come a long way from where it used to be; yet, security outcomes have remained relatively unchanged. In this presentation, ExtraHop VP of Sales Engineering, Mike Ernst, discusses the asymmetry between where attackers attack and where defenders defend that has led us to this reactive state. He’ll share example attack scenarios and opportunities beyond intrusion prevention for defenders to stop attackers in their tracks as they traverse the network.
12:11 - 12:41
Headline Keynote
Run zero day like any other day
It’s more than just prevention. When the next zero day inevitably happens, are you prepared to respond quickly with the right solutions, capabilities, and processes? In this session, we’ll share how to approach normalizing a zero day event.
09:00 - 09:10
Opening Remarks
09:10 - 09:40
Keynote
The Journey to Building API Security
APIs are a crucial enabler for digital transformation and microservices. This session will delve into the API threat landscape and provide actionable tasks in taming these challenges. The presentation plan will include “Why API Security is on every CISO’s mind,” “Typical API Security Challenges,” “Best Practices for Tackling API Security,”
09:42 - 10:22
Panel 2
DE&I in Security: We CAN do more, but what more can we do?
Our hackers are diverse, so shouldn't we be? Improving diversity and inclusion in the cyber security profession will be critical to closing the industry's well-documented skills gap. The industry presents a complex picture, showing diversity with higher levels of representation than the wider technology industry in some cases, such as LGB and female representation and cyber professionals feeling confident in being themselves in the workplace.
10:22 - 10:32
Insight Break
10:35 - 11:25
Roundtables
Track 1: Compliance Frameworks - How SOCs and Risk Teams are using the framework to communicate externally - to the C-Suite, Board and Insurance organizations
While many mature SOC’s have been adopting the MITRE ATT&CK framework since its launch in 2015 to provide a global knowledge base of threat activity, techniques and models, it’s the outside of the SOC frameworks that business leaders, compliance and risk teams, risk insurers and industry are placing their emphasis on.
The session will discuss the link between compliance and the SOC and whether or not your organization is using these frameworks to protect your organizations against modern threats while providing evidence outside of the SOC to demonstrate adherence to the framework’s controls.
•What are the clear links between compliance and your organizations SOC?
•How is your business using these frameworks to protect the organization?
•Is it important to provide evidence outside of your SOC?
Track 2: A C't at the Boardroom Table - Where does the CISO fit in?
Boards have always found it simple to appreciate and justify the use of locks, keys, and cameras to protect essential infrastructure. However, as security risks have migrated deeper into cyberspace and become more complicated, it has become more difficult for boards to determine how effective information security officers are.
All of this is changing. Following the pandemic, boards are mandating organisational resilience and attempting to establish a brand that promotes an effective security culture. There are currently security committees that are monitored by qualified board members. Most importantly, cybersecurity risk as a fundamental determinant in third-party transactions and commercial engagements such as M&A, where security is increasingly becoming a competitive advantage desired by investors.
Track 3: The Challenges Around Securing Software Supply Chains
By 2025, 45% of organizations worldwide will have experienced attacks on their software supply chains (Gartner) which are only becoming increasingly complex due to the changes in how modern software is built. These trends, together with new federal regulations, requires organizations to take action to ensure the security and integrity of their software. But this is easier said than done.
During the session you will:
•Discuss how the software supply chain is becoming more complex and a greater attack vector
•Explore new challenges that this complexity is creating as well as new regulatory obstacles
•Discuss mitigation strategies throughout the software development processes and environment
11:26 - 11:56
Innovation Exchange Keynote
Adaptive Security
The adaptive security model is a cybersecurity strategy that focuses on prevention, detection, and response. The adaptive approach ignores standard perimeter concepts and believes that there is no distinction between safe and unsafe.
This is a critical paradigm shift, especially in light of the move to cloud services and ubiquitous computing outside of the company.
11:58 - 12:30
Closing Prime Keynote
Learning from Every Attack: How to Build Continuous Education Programs for Your Cybersecurity Team
With a crippling cybersecurity skills shortage, it's never been more vital to invest in continuous cybersecurity education and training. Whether it's keeping ahead of emerging new technologies or ensuring that junior team members have clearly defined growth paths - investment in education and training helps cybersecurity teams respond faster, improve defensive posture, and increase retention of valuable employees. But building an effective education program can be time-consuming, and divert focus from priority one - keeping the organization safe.
In this talk, Leonid Belkind, Co-Founder and CTO at Torq, will discuss how to right-size training and education opportunities for your team, and how to use real-world attacks and threats as opportunities to help junior team members enrich skills. He'll focus on three areas:
•How to keep teams current on new threats, attack vectors, and technology trends
•Establishing effective mentorship programs to help junior team members quickly acquire new skills
•How to balance training and learning opportunities against mission-critical work that demands focus.
09:00 - 09:10
Opening Remarks
09:10 - 09:40
Keynote
Cyber & The Board: You had their Curiosity, Now you have their Attention
Boards have always found it simple to appreciate and justify the use of locks, keys, and cameras to protect essential infrastructure. However, as security risks have migrated deeper into cyberspace and become more complicated, it has become more difficult for boards to determine how effective information security officers are.
All of this is changing. Following the pandemic, boards are mandating organisational resilience and attempting to establish a brand that promotes an effective security culture.
There are currently security committees that are monitored by qualified board members. Most importantly, cybersecurity risk as a fundamental determinant in third-party transactions and commercial engagements such as M&A, where security is increasingly becoming a competitive advantage desired by investors.
09:41 - 10:21
Panel Discussion
The Internet as the new corporate network: Fast-tracking your security modernization
It’s now or never to modernize security. Apps live in the cloud, teams work remotely, and cyber threats exploit the excessive trust built into outdated, perimeter-based approaches. Change is only accelerating, with new risks to mitigate, new standards to comply with, and new geopolitical pressures to navigate.
This panel session – led by Trey Guinn, Field Technologist, Cloudflare – will explore how organizations can adapt to these changes. In particular, the conversation will explore successful strategies to take advantage of the power and promise of the Internet as a new type of corporate network.
10:22 - 10:32
Insight Break
Start left in software security with secure design
Designing a secure application from the start is far more cost effective than playing whack-a-mole with security vulnerabilities in production. We will explore simple techniques to get developers thinking about security at the design stage, before they start writing code.
Poll:
•How do you currently implement security at the software or system design stage?
10:32 - 11:22
Roundtable Leaders Panel
11:22 - 11:30
Ad Break slot
11:30 - 12:00
Innovation Exchange Keynote
Information Security and Reputational Impact of Social Media
Social media is no longer just another means by which to communicate with one another, it has become a source of cybersecurity intelligence as well as a threat vector unto itself. The threat is just not cyber but one of brand and reputation. In the age of mis and disinformation all organizations, all organizations cannot continue to ignore the impact that social media has on brand, reputation and trust.
12:01 - 12:31
Closing Keynote
12:31 - 12:41
Insight Break -Closing Comments
Speakers Include
Lester Godsey
Dr. Nida Davis
Dov Goldman
Steve Kinman
Gene Stevens
Kevin Paige
Charlie Jones
Josh Copeland
Brent Deterding
Tracy Dallaire
Steve Hindle
Trey Guinn
Richard Yew
Vishal Oza
Joe Cvelbar
Sherri McGurnaghan
Mike Ernst
Melanie Kruger
Leonid Belkind
Benjamin Corll
Vipin Gautam
Jajati Samal
Les Correia
Christy Emma Peel
Jeffrey Moore
Josh Copeland
An immersive
event experience
interactive features including:
Audience Interaction
Engage with a virtual live audience just as you would at a physical event and create meaningful conversations.
Interactive Live Polling
Keep engaged through interactive live polling and gamification tools.
Direct connections
Ask your questions face-to-face with the speakers via our leading stage technology.
Relationship building
Build stronger connections with leading executives that you will take with you through your career
Thought Leadership
Content and insight from industry experts when it matters most
Intelligent interaction
Interactive quizzes gamify your experience
Have a question…
There is no cost associated with attending a GDS Summit. In return, we ask that all senior executives in participation attend for the full duration to ensure that all attendees get maximum value and insight from the interactive roundtables, live Q&As and breakout networking sessions.
Our digital summit portfolio is designed to bring together senior decision makers from large global businesses and innovative disruptor brands to drive industry forward through addressing business critical challenges collaboratively.
If you’re keen to build new connections with likeminded leaders, de-risk your projects through new insight and establish new partnerships that can accelerate your projects then apply to attend today.
Complete our form below if you’re interested in attending the summit and you meet our application criteria. A member of the GDS team will then reach out to run you through the programme and event format and discuss your participation.
On stage: co-host a panel discussion with a group of likeminded senior executives or host a solo keynote presentation. Both slots include elements of interactive audience Q&A
Off stage: become a roundtable moderator, leading the discussion with the same cohort of executives for the duration of the summit around a specific topic you’ve agreed to focus on during the roundtable session.
We can tailor a partnership package to help meet your business objectives. This might include brand awareness, driving traffic to your site or quality editorial content via exclusive interviews and Q&As with our executive audience. Enquire today for more information.