Southern California CISO Community
Virtual Executive Summit

CISOs say that what they need most in their security program is confidence that people, processes and technology are working and effective, and that controls are in place to ensure resiliency in the case of a major event. But how do you measure that, and how do you effectively communicate across your organization’s leadership and the board?

In this discussion, you will learn:

• Why traditional metrics fall short of communicating security risk and value
• Which metrics have meaning for both boards and security teams
• How the right metrics will benefit the business and win investment for security

This is NOT your typical security conversation. We won’t be talking about how to play better "perimeter defense" at the end of your software supply chain. Instead, we will be talking about how to play better digital “innovation offense” as next-generation software supply chain attacks become more sinister with bad actors actively injecting malicious code into open source projects that feed the global software supply chain. 

Join us to discuss:

• The prevalence of software supply chain attacks with real-world examples such as dependency confusion and how to continuously identify and remediate open source risk, without slowing down innovation
• Ways to integrate security guardrails directly within your DevOps pipeline
• The importance of uniting developers, security, and operations on the same team

CISOs globally are struggling with technology outpacing the availability and skill development of their talent. What does it take to create opportunities for the next generation to thrive in a security career?

Join this roundtable to discuss:

• What it takes to identify, develop, and retain diverse talent
• Strategies to measure the capabilities of your team based on talent versus tenure
• Upskilling and reallocating talent to meet changing demands

Digital transformation has created a convergence of users, devices, and applications that demands an identity-based security approach. With the identity perimeter exposed, CISOs need new and better ways to protect it. 

Join this interactive boardroom conversation to discuss: 

• Strategies to reach frictionless IAM 
• How identity can protect against automated attacks 
• The future of IAM including passwordless authentication

Security threats have been around for decades, but lately the nature of those threats has changed, the security of third and fourth-party partners has come to the fore as an urgent issue for enterprises. Join Chipotle CISO Dave Estlick, as he shares his insights on third-party risk management, including:

• How to build a third-party risk program that operates at the scale of the business
• New approaches for managing third and fourth-party partners
• Tools and strategies that will help you make the best choices for your organization

Don't miss this opportunity to meet with Southern California practitioners and industry thought leaders who shared their insights on the agenda. Come with questions and get ready to meet new friends in this casual session designed to foster peer connections and collaboration in the CISO community. 

The threat landscape facing the modern enterprise is only accelerating in scope and risk, as an ecosystem of well-organized bad actors assails organizations in a relentless assault. Security operations are an essential core of effective defense, but against an ever-expanding threat landscape, maintaining the advantage is no easy task.

Join this session to explore:

• The modern ideal state for the security operations center
• Leadership best practices for keeping employees engaged and alert
• Strategies to operate a high-performing next-gen SOC

Software has never been more business critical, and cyberattacks at the application layer have never been more frequent. Yet budgets are also getting extra scrutiny in recent months. Join this boardroom to learn how to make the case for application security, from why you need it to what good looks like. You'll leave with actionable tips and advice on:

• Getting buy-in for AppSec
• Making the case to expand a program
• Communicating AppSec success to executives & more

The global health pandemic has forced CISOs into a new era of evolving challenges. With fully remote workforces and assets continuously moving to the cloud, securing endpoint protection has never been more critical. So how are CISOs deploying next-generation endpoint protection to solve these obstacles?

Join this interactive session to discuss:

• Securing critical applications even in a state of compromise
• Tactics for monitoring a sprawling attack surface
• Leveraging new technologies to quantify threats

Whether you are just moving into the cloud, researching more options within the public cloud, or building your own private cloud, most leaders agree that this is the future of infrastructure as a service. But can CISOs have it all – both increased productivity and cost benefits within a secure cloud?

During this peer-discussion you will explore:

• Automation, orchestration, AI and machine learning cloud strategies
• Nuances for hybrid on- and off-premise systems
• Ways to incorporate the cloud into a fully articulated security strategy

By registering for this session, this serves as your authorization to Evanta or its vendor to provide your contact information to IBM to follow up on your interaction and participation. IBM’s use of your contact information is governed by the IBM Privacy Policy. If you need more information on how IBM is using your personal data you may refer to the IBM Privacy Statement. To withdraw your marketing consent and unsubscribe to receiving emails click on the unsubscribe button at this address: ibm.biz/marketingoptout. 

Organizations are moving faster than ever before. With employees creating, modifying, deleting, and transporting data every second, how can CISOs keep up as job hopping and turnover rates continue to rise?

Join this boardroom to discuss:

• Ways to cut through the false noise and final real risk within your organization
• How to determine the right approach to insider risk response
• Strategies to continuously monitor file activity without being invasive

Businesses around the world are using DevOps to unleash innovation and accelerate digital transformation. However, recent high-profile breaches demonstrate the huge risk unprotected developer pipelines represent and the importance of securing all identities across the enterprise.

Join CyberArk, PwC & your peers to discuss:

• DevOps security challenges – and DevSecOps practices & tools to strengthen security without impairing business agility
• Best practices for successful DevSecOps – shifting security left to engage developers
• Why Identity Security should be the core of every organization’s strategy

How can CISOs adapt and enable business agility without compromising security? In the wake of widespread cloud adoption and ubiquitous remote workers, traditional network and security systems have failed to keep pace.

Join this discussion to learn how others are taking a Zero Trust approach to :

• Redefine enterprise security strategies to embrace a perimeter-less environment
• Adopt context-based and identity-centric access policies
• Transparently grant users access to only the resources they need
• Dynamically adjust access based on risk level

Meet virtually for in-depth conversations with your colleagues