Chicago CISO Community
Virtual Executive Summit

This is NOT your typical security conversation. We won’t be talking about how to play better "perimeter defense" at the end of your software supply chain. Instead, we will be talking about how to play better digital “innovation offense” as next-generation software supply chain attacks become more sinister with bad actors actively injecting malicious code into open source projects that feed the global software supply chain. 

Join us to discuss:

• The prevalence of software supply chain attacks with real-world examples such as dependency confusion and how to continuously identify and remediate open source risk, without slowing down innovation
• Ways to integrate security guardrails directly within your DevOps pipeline
• The importance of uniting developers, security, and operations on the same team

As organizations rush to cover gaps in an expanding attack surface, thanks to digital transformation and remote work, they are realizing that this strategy is creating an uncontrolled technology sprawl. Yet many organizations continue purchasing more tools than they can manage, actually increasing their overall risk while wasting limited program budget. How is your technology investment strategy helping you meet your security outcomes?

In this discussion, you will learn:

• The state of “tools sprawl” and data showing its impact on security organizations
• Insights and best practices to reduce complexity and increase tool efficacies
• Maturing your security posture to drive desired outcomes

What would it mean for the world of business if an organization could fully and effortlessly manage the access of its users? Every enterprise requires safeguards to ensure that the right people are accessing the right systems and information, and finding that balance between agility and security is a unique challenge for any CISO. After so many years spent tackling this issue, has a new way forward revealed itself?

Join this session to discuss:

• Prudent approaches to right-size the balance of security controls and agile access

• Ways your peers discuss strategy for trust and access with other senior leaders

• New technologies that are improving the world of IAM

Don't miss this opportunity to meet with CISO practitioners and industry thought leaders who shared their insights on the agenda. Come with questions and get ready to meet new friends in this casual session designed to foster peer connections and collaboration in the Chicago community. 

Meet virtually for in-depth conversations with your colleagues

Be among the first to see what’s new and next in the security solutions landscape. Three early-stage providers will get the chance to showcase their innovative solutions to the most pressing cybersecurity challenges.

Join this session to learn and explore:

• Vulcan’s risk analytics and remediation orchestration
  • If there was one thing you could change about the way you prioritize and remediate security vulnerabilities in your environment, what would it be?
  • How well does your team work with IT stakeholders (application, cloud, network, infra, etc.) to drive remediation outcomes, and reduce risk for the business?
• Cycode’s access control and configuration management 
  • Does your security team have the visibility and control that it needs to secure development tools and infrastructures like source control management, build systems, and the cloud environment? If not, what are your unmet needs?
  • Where does reducing code tampering risk sit on your priority list? What are your key initiatives to reduce code tampering risk and what are the biggest gaps that you're trying to solve for?
• Orca Security’s cloud security risk detection in your cloud environment
  • What is your first impression of an agentless cloud native security platform?
  • If you could change one thing about how you track asset inventory, what would it be?

The public cloud has delivered spectacular business benefits while rendering old-world security and governance models obsolete. However, a new approach to governance and security that is fully automated and built for the modern world will deliver security far superior to old-world enterprise networks and data centers.

Join this interactive session to discuss:

• Security implications of digital disruption
• Real-world steps to re-invent security for both security and DevOps teams
• Why identity and data governance is central to new security

Security debt, defined by Dave Lewis, Global Advisory CISO, Duo Security at Cisco, as “the accumulation of the patches missed, the risks accepted, and the configurations misapplied,” is another serious and common problem for many organizations, especially with the move to cloud computing and rise of IoT. CISOs need solutions that will successfully protect their systems and information. Selecting the right tools and strategies is the key to success with these issues.

Join this session to discuss:

• Prudent approaches to right-size the balance of security controls and agile access
• Ways your peers discuss strategy for trust and access with other senior leaders
• How to create defined and repeatable processes with plans for action to eliminate security debt

Added to the list of bona fides for today’s information security leader is a multilingual mandate for speaking the languages of risk. Business risk, legal risk and more all intertwine with an effective security strategy, yet the owners of each area don’t always see eye to eye. Where business units aren’t looking at risk the same way, an opportunity opens for malicious actors.

Join this session to discuss:

• Successful examples of cross-functional partnerships in risk management

• Metrics that effectively describe risk within, and outside of, security

• Tips for leveraging risk discussions to gain support for security

Are you challenged with uncontrolled costs and unknown risks from your adoption of cloud services? Concerned with whether your IaaS investments are endangering your security or compliance? Or perhaps you’re just watching your budget disappear seemingly on its own. You are not alone.

Join this session for a discussion around:

• Optimizing the cost of the cloud
• Improving security, compliance and governance in cloud architectures
• Leveraging the resources and controls you already have

By registering for this session, this serves as your authorization to Evanta or its vendor to provide your contact information to IBM to follow up on your interaction and participation. IBM’s use of your contact information is governed by the IBM Privacy Policy. If you need more information on how IBM is using your personal data you may refer to the IBM Privacy Statement. To withdraw your marketing consent and unsubscribe to receiving emails click on the unsubscribe button at this address: ibm.biz/marketingoptout.