Nordic CISO Virtual Executive Summit

In the face of crisis there are two kinds of organisations: those who have crisis leadership, and those who have leadership crisis. A crisis is the ultimate test for the organization and leadership. There are distinctive elements and factors that separate those who are successful from those who fail. 

Join Jere Peltonen to learn from his diverse experience and background. Jere is a global risk, resilience and security adviser, currently working for the Finnish Foreign Ministry and Diplomatic Service and the Deputy Director of the Nordic Counter Terrorism Network. In this session, Jere will draw on his experience and will relate fascinating anecdotes covering the key attributes and practices of effective leaders in crisis situations.

We will look at:

• Elements of the organizational crisis management capability
• Leadership during crisis
• Psychological factors in crisis management

Sophisticated enterprise risk management strategy is not necessarily the full mitigation of risk. For most information security executives, strategic risk management describes a cross-organisational framework to assess different areas of risk and determine when accepting those risks is in the net interest of the business. In order to inform strategy and accountability for risk management, CISOs must be able to leverage meaningful metrics and messaging.

Join this session to discuss:

• Metrics that work – and don’t work – in describing information security risk
• The role that the CISO plays in setting risk management strategy
• Effective cross-functional partnerships in risk management

Despite expanded awareness of security hygiene, well-intentioned users remain a major area of risk for every organisation. There are countless ways in which an individual can become a liability, and the CISO must find ways to educate users against risks that extend from the office to their own living rooms.

Join this session to discuss:

• The latest security awareness training strategies that are resonating with users
• Ways to hold users accountable for good security hygiene
• Techniques to automate meaningful security awareness training

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

How are your peers balancing business agility and business security in their identity and access management strategy? Discover how you can benchmark your framework, and learn the most innovative tactics security leaders are using for IAM in their organisations without interrupting core business operations.

In this session, you'll learn more about:

• Standardising and automating IAM across an enterprise
• Methodologies that satisfy users while maintaining adequate access controls in cloud and legacy environments
• Roadmaps for deciding what tools will fit best

Data protection and cybersecurity are both essential to safeguarding the organization against breaches. Traditionally, cybersecurity and data protection communities have remained separate. Cybersecurity is generally perceived as a technical issue, while data privacy and protection is regarded as an issue relating to data access and protecting data from getting into the wrong hands.

In this keynote session, Per Anders Eriksson will present:

• How ICA Gruppen they have organized their data protection
• Best practices for cybersecurity activities 
• How to work together to address common objectives

As enterprises increasingly make access to data more fluid and move assets to the cloud, endpoint protection has become vital. These shifting perimeters lack clear definition and require new layers of security through endpoint protection.

This session aims to bring together CISOs to share their journeys of endpoint management, including concerns over vendor validation, data and asset visibility as well as success and failure stories.

Join this discussion to explore:

• Tactics for monitoring a sprawling attack surface of connective devices
• Strategies to identify your most vulnerable endpoints
• How deep learning can offer a multi-layer approach to endpoint security

In this era of digital transformation, organisations rely heavily on their third parties, however, third-party relationships come with risks. To help mitigate those risks CISOs much work closely with their partners to ensure security.

Join this session to discuss:

• Strategies to establish a process for continuous assessment and monitoring of third parties
• How to create an accurate inventory of all suppliers within your ecosystem
• What to do when your third party gets breached

Whether you are just moving into the cloud, researching more options within the public cloud, or building your own private cloud, most leaders agree that this is the future of infrastructure as a service. But can CISOs have it all – both increased productivity and cost benefits within a secure cloud?

During this peer-discussion you will explore:

• Automation, orchestration, AI and machine learning cloud strategies
• Nuances for hybrid on- and off-premise systems
• Ways to incorporate the cloud into a fully articulated security strategy