9:15 AM – 10:00 AM:
Registration

Meet your fellow Leaders, visit Exhibitors

10:00 AM – 10:15 AM:
Richard Greenberg

Welcome Address

11:15 AM – 12:30 PM:

Lunch and Vendor Expo

2:05 PM – 2:25 PM:

Break and Vendor Expo

2:25 PM – 3:25 PM:

Roundtable Discussions:

3:30 PM – 4:15 PM:
Ron Dilley

4:20 PM – 4:40 PM:

Break, visit Exhibitors

5:25 PM – 5:30 PM:
Haral Tsitsivas

Closing Remarks

5:30 PM – 7:00 PM:

Happy Hour

Talk Descriptions:

Horizon Level Room

10:15 AM – 11:00 AM

Opening Keynote:

Things that matter are hard. Trust and the role of the CISO now and in an AI driven future.

Malcolm Harkins

The CISO role at the core is about trust. It’s hard to get and easy to lose. In this talk I will discuss the hard truths we face in our budgets, in our choices, and with regard to our liabilities. I will offer my perspectives as to how to best manage the various conflicts that can bring into question our integrity as we execute our role. I will discuss cyber risk design goals to frame what matters most – material events that could affect your organization.
AI is everywhere and is the next material risk you need to be managing. This talk will also explore with data how exploitable the AI you are using or creating is to generate a material event. I will explain how your existing controls will not work to mitigate AI risks. I will offer some ideas using the MITRE ATLAS framework as well as areas identified by CISA as to how to best safely and securely leverage AI.
We can achieve the benefits of AI with a dramatic increase in risk. But we have to act now with a “Protect to Enable” approach for the rapid adoption of AI.

Horizon Level Room

11:05 AM – 11:15 AM

Shifting to a Proactive Defensive Security Strategy with Continuous Threat Exposure Management

Nick Lantuh

Join Nick Lantuh, Co-founder & CEO at Interpres Security, as he shares his experience and insights into the shortcomings of existing security approaches and the value of a threat-centric strategy. Nick will cover some of the top challenges with security management today, why security teams must continuously monitor controls, and what you should look for as you build a CTEM strategy.

Horizon Level Room

12:30 PM – 1:15 PM

Predictive Success in Cyber Leadership

Rich Lindberg

This talk focuses on practical techniques and strategic approaches to implement a successful Cybersecurity Program.
Why, what, and how to craft and execute Cyber Leadership within your Organization.

Horizon Level Room

1:20 PM – 2:05 PM

CISO-CIO Panel:

Are you a Cybersecurity or IT Leader facing sleepless nights due to ever-evolving threats and a complex security landscape?

Moderator: Richard Greenberg
Panelists: Sasha Pereira, Nemi George, Elnaz Bayazian, Edward Bonver

Join us for a candid discussion with cybersecurity leaders on the most pressing issues keeping them up at night. This is your opportunity to gain valuable insights from leaders such as yourself as they share their experiences and knowledge, and how they are implementing security controls to combat the latest threats.

Horizon Level Room

2:25 PM – 3:25 PM

Roundtable Discussion:

Beyond the Perimeter: Navigating the Zero Trust Transition

Lisa Jiggetts

The move towards Zero Trust security represents a significant shift in how organizations approach cybersecurity. Let’s discuss the evolving threat landscape and regulatory efforts driving this shift; outline key principles of Zero Trust; and exchange knowledge on managing both cultural and technological shifts for a smooth adoption.

Horizon Level Room

2:25 PM – 3:25 PM

Roundtable Discussion:

Escalating Cyber Risk from the IT Department to the Boardroom

Genevieve McGinty

Escalating cyber risk from the IT department to the boardroom involves ensuring that cybersecurity issues and concerns are effectively communicated, understood, and addressed at the highest levels of the organization. By doing this, organizations can enhance their cybersecurity governance, resilience, and strategic alignment, ultimately reducing the likelihood and impact of cyber threats on their business operations and stakeholders. We will discuss techniques and strategies to accomplish this.

Horizon Level Room

2:25 PM – 3:25 PM

Roundtable Discussion:

Third-Party Cybersecurity Risk Management

Sascha Schleumer

Most organizations rely heavily on third-party vendors, suppliers, and service providers to streamline operations and enhance efficiency. While these partnerships offer numerous benefits, they also introduce significant cybersecurity risks. Third-party entities may inadvertently expose sensitive data, introduce vulnerabilities, or cause operational disruption, posing a threat to the entire ecosystem. This Roundtable discussion will cover strategies for managing these risks.

Horizon Level Room

2:25 PM – 3:25 PM

Roundtable Discussion:

Regulatory considerations for Federal suppliers, contractors and those who want to do business with the Federal Government. What does compliance mean?

Eric Barricklow

FAR Clause 52.204-21 and DFARS Clause 252.204-7012 specify security requirements that entities must implement and be compliant with to safeguard Federal Contract Information (FCI) and Controlled Unclassified Information (CUI) for Federal and Department of Defense Contractors and Suppliers. Assessors typically use the terms “adequate” and “sufficient” to indicate compliance with these security requirements, but what do adequate and sufficient mean in today’s business environment? Does the size of the supplier matter? Is the maturity of the supplier relevant? What does compliance really mean?

Horizon Level Room

3:30 PM – 4:15 PM

Talk:

Unleashing the Power of AI

Ron Dilley

Disrupting the status quo while pointing the power of AI away from us and towards our adversaries

In this dynamic and thought-provoking talk, we will delve into the world of Artificial Intelligence (AI) and its transformative impact on cybersecurity. From disrupting the status quo to exploring the potential of AI capabilities and functions, we will navigate the intricacies of harnessing this powerful technology while addressing concerns about its deployment.

Horizon Level Room

4:40 PM – 5:25 PM

Closing Keynote:

Leveraging the NIST Cybersecurity Framework to meet the new SEC Cyber Security Guidelines

Christian Sorensen

As cyber threats continue to loom over all organizations, the SEC’s latest cybersecurity guidelines have set a new precedent for increasing transparency and diligence in risk management. Publicly traded companies are now mandated to disclose their cybersecurity risk mitigation strategies in annual SEC filings, a directive that underscores the need for a robust framework to articulate and execute their cybersecurity posture. This talk, titled “Leveraging the NIST Cybersecurity Framework to Meet the New SEC Cybersecurity Guidelines,” is designed to navigate the confluence of compliance and security.

We will explore how the well-established NIST Cybersecurity Framework (NIST CSF) aligns with the SEC’s requirements and can serve as a strategic asset in demonstrating a company’s commitment to cybersecurity, both internally and externally. This presentation will discuss the NIST CSF’s core functions, categories and subcategories, discussion activity prioritization, customization strategies, communication strategies and ways to rally key players within an organization.

As we delve into the practical applications of the NIST CSF, we will demonstrate how compliance, while not synonymous with security, is a critical step towards it. The framework acts as a blueprint for IT and security teams to unite under a common language, set measurable goals, and automate and visibly track progress. For executives and shareholders, the NIST CSF provides a narrative that translates technical efforts into business impacts, effectively informing budgetary and strategic decisions.