Agenda

Virtual Event Dates: November 16-18

All sessions available on-demand

CSO50 Conference + Awards wrapped up yesterday! It was a great three days of learning and networking. Missed a session? All content is available on-demand for your viewing convenience. Access the event environment here.

On-Demand Sessions
Agenda

Challenge Security’s Rules: Transform the Threat Surface to Proactive Control
Robert DeVito, Global Director, Customer & Partner Sales Engineering, Chrome

With the increase in distributed workforces and the growing adoption of cloud applications, companies face unprecedented levels of IP, data, and identity sprawl beyond the enterprise firewall. Every endpoint is an entry into your business, cybercriminals have more access than ever, and human error is a constant risk. Join us to see how Chrome OS and Chrome Browser embed security into workflow to give proactive protection for users, devices, applications, and data.

Click here to watch session!
Identity Detection and Response (IDR): Are You Ready?
Carolyn Crandall, Chief Security Advocate, Attivo Networks
Joseph Salazar, Technical Marketing Engineer, Attivo Networks

81 percent of breaches use stolen credentials, 40 percent of security professionals say protecting Active Directory is core, and 87 percent of organization are increasing investment in identity protection. Whether motivated by risk avoidance or compliance, identity security is a top concern for CISOs of all industries and company sizes. Gartner has even presented it as a Top 3 priority for 2021. Join us to learn about visibility and detection tools that have emerged to protect credentials, entitlements, and the systems that manage them.

Click here to watch session!
Managed Detection and Response: Trends and Insights for the Threat Landscape
Eric Payne, Sr. Enterprise Pre-sales Engineer, Kaspersky

As cyberattacks become more sophisticated, many organizations feel the need for advanced security services that can address growing complexity in real-time, and 24/7. Join us as we share insights and trends discovered during real-life investigations by the Kaspersky Managed Detection and Response team, observations from analyzing incident statistics, and key recommendations.

Click here to watch session!
Insider Risk Management: Trust, Prioritization, and Right-Sized Controls
Joe Payne, CEO, Code42 Software

The evolution of work demands more trust, not less. A security analyst’s well-being comes down to one thing: priorities. And today’ collaboration culture requires a tiered response – both technical and educational. Join us as we explore how these concepts deliver short-term dividends and long-term value for the security team and the business.
A Proactive Approach to Risk Mitigation
Dor Dali, Director of Information Security, Vulcan Cyber

Vulnerabilities are piling up, attack surfaces are growing, and security teams are struggling to maintain SLAs. If security teams are going to get ahead of a flood of security alerts, they can’t take the typical passive approach, where security teams respond when external actors act. Join us to learn how to take a more proactive and intentional approach to risk mitigation.

Click here to watch session!
Demystifying and Implementing Zero Trust
Jason Ellis, Director of Advisory Services, Integral Partners

Wondering how to define and implement Zero Trust? This Zero Trust and IAM Essentials Workshop Overview will help you understand how to determine what Zero Trust really means and the best practical approaches to develop an IAM + ZT strategy. From its history and evolution to building blocks and architecture. The insightful workshop also covers the essentials of Identity and Access Management – the terms, technologies, tools, challenges, exercises, roadmapping, and vendor solutions.

Click here to watch session!
Six Steps To Better Data Control
Yacov Salomon, Founder, Chief Innovation Officer, Ketch

Is your organization’s data an asset, or a liability? The interplay between the promise of data and the imperative of privacy can often devolve into a zero-sum tradeoff: either your organization captures and uses data and AI to grow, or it complies and suffers the competitive consequences. Join us to learn about six steps you can take to gain better control of your data, and put your most valuable asset to work.

Click here to watch session!
Securing the Hybrid Workforce: How to Establish Trust in a Zero Trust World
Ryan Terry, Sr. Solutions Product Marketing Manager, Okta

As companies look for long-term solutions for their hybrid and fully remote workforces, one thing is clear: identity is the new perimeter for today’s businesses. An identity-first approach to security reduces today’s cybersecurity risks and provides the foundation for a zero trust security strategy. Join us to learn how to enable and secure a hybrid workforce, how identity can lay the foundation for any zero trust security initiative, and the kinds of zero trust projects your peers are thinking about now and into the future.

Click here to watch session!
The Great Data Exfiltration: Protecting Business in a Raging Job Market
Joe Payne, President and CEO, Code42 Software

The Great Resignation is upon us, threatening intellectual property in its wake. Nearly 60 percent of employees are now moving to a new company in a similar field, and they’re taking data at alarming rates. Join us to learn how a data security approach rooted in trust, prioritization, and right-sized response to insider risk can create better efficiencies, and pay short-term dividends and long-term value.

Click here to watch session!
XDR and CTI: How they Converge to Improve Security Risk Mitigation
Alon Arvatz, Chief Product Officer, IntSights

Security and risk leaders need more context about the threats across their company’s internal and external attack surfaces — and they need the ability to ensure a rapid and complete response. Join us as we explore the intersection of extended detection and response (XDR) and cyber threat intelligence (CTI). We’ll reveal how CTI extends your company’s monitored environment, ways to improve signal-to-noise ratio to better understand your real risk, and the latest technologies for driving a proactive and automated response.

Click here to watch session!
Compliance as a Catalyst for Reducing Risk
Rob Ellis, Senior Vice President of Strategy, Reciprocity Labs

Compliance is a required part of risk management, but is your compliance tool helping you bridge compliance and risk? Effective compliance is a catalyst for developing a proactive, risk management program by providing effective controls and tools that assess, manage and monitor risk. Join us as we discuss how compliance isn’t just about checking a box, and is instead about proactively protecting your company — and providing assurance so that others trust doing business with you.

Click here to watch session!
Time Off for the Holidays? Cyber Defenses Can’t Afford It
Tony Lee, Vice President, Global Services Technical Operations, BlackBerry

Threat actors are launching major attacks during U.S. holidays. This tactic compelled the FBI and CISA to issue a joint warning stating, “Cyber actors have conducted increasingly impactful attacks against U.S. entities on or around holiday weekends over the last several months.” Notable examples include the Colonial Pipeline on Mother’s Day, JBS Foods on Memorial Day weekend, and Kaseya on Independence Day. What went wrong? Join us to find out, and for tips on protecting your organization from holiday hacks.

Click here to watch session!

1:00pm - 1:35pm

Back to Basics: Why Any Security Strategy is Flawed Without Them

Nicole Ford, VP & CISO, Carrier (CSO50 Winner for 2021)

Founded by the inventor of modern air conditioning, Carrier is a world leader in high-technology heating, air-conditioning, refrigeration, and fire & security solutions. To address one of the most basic challenges in security – minimizing the risk of phishing attacks – the organization created an award-winning program leveraging digital tools. Join us to learn about it, along with perspectives on IoT security, resilience, and healthy homes and buildings.

Interviewed by: Bob Bragdon, SVP/Managing Director Worldwide, CSO, IDG Communications, Inc.

1:35pm - 2:00pm

Security Operations and the Convergence of Pretty Much Everything

Patrick Vowles, IBM Team Lead – North American Marketing, IBM Security

Today’s organization are implementing a layered security program across a distributed infrastructure with shared responsibility among service providers. But how can they gain visibility into malicious activity and orchestrate effective, business wide responses to attacks? Join us to hear how you can layer in modern tools while keeping the solutions that are already working well for you.

Click here to watch session!

2:00pm - 2:20pm

Networking Break and Live Group Discussion with Arun DeSouza, Chief Information Security & Privacy Officer, Nexteer Automotive

Arun DeSouza, Chief Information Security & Privacy Officer, Nexteer Automotive

The Security and Privacy Risk Nexus of the IoT
Join Arun DeSouza to ask your questions about the intersection of a few of his areas of passion: security, privacy, risk and IoT. This live interactive discussion is a great opportunity to dive into this important topic, hear what your peers have to say, and get the insights of a noted and award-winning security and privacy expert.

Networking Break and Live Group Discussion with Nicole Ford, VP & CISO, Carrier

Nicole Ford, VP & CISO, Carrier

Strategies for Executive-Level Professional Success
Nicole Ford is an IT strategic leader with more than 20 years of success in both the government and private sectors. Join Nicole for an open discussion about the strategies to succeed at the executive level. We’ll talk about credentials, public speaking, and other strategies that can help you get ahead in your career. Bring your questions and challenges for this live, interactive discussion.

2:20pm - 2:50pm

Creating a Pipeline of Security Talent at TIAA

Tim Byrd, SMD CISO, TIAA (CSO50 Winner for 2021)

TIAA is a leading provider of secure retirements and outcome-focused investment solutions to millions of people and thousands of institutions. To address challenges in recruiting qualified security talent, the organization created an award-winning project designed to create a pipeline of future resources and to promote internal mobility and employee retention. Join us to learn about it, along with Tim Byrd’s recent White House visit to discuss cybersecurity and ransomware with business leaders.

Interviewed by: Bob Bragdon, SVP/Managing Director Worldwide, CSO, IDG Communications, Inc.

2:50pm - 3:14pm

Why XDR Delivers Better Outcomes to Secure Endpoints

Jason Wright, Sr. Manager, Global Field Product Management, Cisco
Cole Two Bears, VP, Security Services, Thinkgard

The threat landscape’s increasing complexity means we can’t limit protections from sophisticated attacks just on next-gen antivirus or basic endpoint detection and response (EDR). Organizations are now adding extended Detection and Response (XDR), a common-sense approach that recognizes that endpoint security must work seamlessly with other security controls — including identity, network, and email — to defend against attacks. Join us to learn how XDR provides a more holistic and effective approach to threat response.

Click here to watch session!

3:14pm - 3:20pm

Demo: Threat Intelligence and Digital Risk Protection

Rapid7 Threat Command (formerly IntSights) is an advanced external threat intelligence tool that finds and mitigates threats directly targeting your organization, employees, and customers. Join us for this demo to understand how — by proactively monitoring thousands of sources across the clear, deep, and dark web — Threat Command enables you to make informed decisions and rapidly respond to protect your business.

Click here to watch session!

3:20pm - 3:50pm

How Zero Trust Secures Corporate Applications While Improving Employee Experience

Lila Blum, Zero Trust Application Lead, Cisco (CSO50 Winner for 2021)
Carlos Martinez, Information Security Architect, Cisco (CSO50 Winner for 2021)

With 120,000 employees, Cisco is one of the world’s largest providers of networking technologies and services. To enable a more secure method of access to corporate applications while enabling a better user experience for its employees, Cisco IT’s enterprise security organization deployed an award-winning Zero Trust architecture. Join us to learn how this increases the overall security posture of the organization and how it was successfully deployed on a rapid timetable.

Interviewed by: Bob Bragdon, SVP/Managing Director Worldwide, CSO, IDG Communications, Inc.

3:50pm - 4:15pm

The Benefits of a Proactive Approach to Cybersecurity

John McClurg, SVP, CISO and Fellow, BlackBerry Ltd.

In this freewheeling conversation, John McClurg talks about the new BlackBerry and its focus on both cybersecurity and IoT devices. He discusses the balance between the pace of business and safety. And he emphasizes the proactive – rather than reactive – approach to securing systems, devices, personas, and data. In an age when we’re becoming more connected, McClurg talks about extending the proactive approach to include AI, as well as IoT devices, such as those found in automobiles and healthcare.

Interviewed by: Charles Pelton, Contributing Editor, CSO, IDG Communications, Inc.

Click here to watch session!

4:15pm - 4:35pm

Identity Detection and Response (IDR): Are You Ready?

Carolyn Crandall, Chief Security Advocate, Attivo Networks
Joseph Salazar, Technical Marketing Engineer, Attivo Networks

81 percent of breaches use stolen credentials, 40 percent of security professionals say protecting Active Directory is core, and 87 percent of organization are increasing investment in identity protection. Whether motivated by risk avoidance or compliance, identity security is a top concern for CISOs of all industries and company sizes. Gartner has even presented it as a Top 3 priority for 2021. Join us to learn about visibility and detection tools that have emerged to protect credentials, entitlements, and the systems that manage them.

Click here to watch session!

The Great Data Exfiltration: Protecting Business in a Raging Job Market

Joe Payne, President and CEO, Code42 Software

The Great Resignation is upon us, threatening intellectual property in its wake. Nearly 60 percent of employees are now moving to a new company in a similar field, and they’re taking data at alarming rates. Join us to learn how a data security approach rooted in trust, prioritization, and right-sized response to insider risk can create better efficiencies, and pay short-term dividends and long-term value.

Click here to watch session!

Demystifying and Implementing Zero Trust

Jason Ellis, Director of Advisory Services, Integral Partners

Wondering how to define and implement Zero Trust? This Zero Trust and IAM Essentials Workshop Overview will help you understand how to determine what Zero Trust really means and the best practical approaches to develop an IAM + ZT strategy. From its history and evolution to building blocks and architecture. The insightful workshop also covers the essentials of Identity and Access Management – the terms, technologies, tools, challenges, exercises, roadmapping, and vendor solutions.

Click here to watch session!

4:35pm - 5:05pm

How Security Rationalization Concepts Focus Funding

Tim Callahan, SVP & Global CSO, Aflac (CSO50 Winner for 2021)

Founded in 1955, Aflac provides financial protection to more than 50 million people worldwide. To focus security funding on practical business priorities, the organization approaches investments on rationalized needs. Join us to learn how this works, along with concepts like anticipatory and proactive security.

Interviewed by: Bob Bragdon, SVP/Managing Director Worldwide, CSO, IDG Communications, Inc.

Managing Risk When Heightened Security is Always On

Keith Slotter, VP, Corporate Security, JetBlue Airways (CSO50 Winner for 2021)

Born at JFK in 1999, JetBlue is now a global, award-winning travel company and a leading carrier in Boston, Fort Lauderdale-Hollywood, Los Angeles, Orlando, and San Juan. With security a mission-critical concern, JetBlue created a CSO50 award-winning security champions program to blend security into the culture of the overall organization. Join us to hear about this project, along with other ways JetBlue manages risk.

Interviewed by: Bob Bragdon, SVP/Managing Director Worldwide, CSO, IDG Communications, Inc.

On Demand

On Demand Sessions Available (November)

Session descriptions listed in “On Demand Sessions” tab above.

Challenge Security’s Rules: Transform the Threat Surface to Proactive Control
Robert DeVito, Global Director, Customer & Partner Sales Engineering, Chrome

Identity Detection and Response (IDR): Are You Ready?
Carolyn Crandall, Chief Security Advocate, Attivo Networks
Joseph Salazar, Technical Marketing Engineer, Attivo Networks

Managed Detection and Response: Trends and Insights for the Threat Landscape
Eric Payne, Sr. Enterprise Pre-sales Engineer, Kaspersky

Insider Risk Management: Trust, Prioritization, and Right-Sized Controls
Joe Payne, CEO, Code42 Software

A Proactive Approach to Risk Mitigation
Dor Dali, Director of Information Security, Vulcan Cyber

Demystifying and Implementing Zero Trust
Jason Ellis, Director of Advisory Services, Integral Partners

Six Steps To Better Data Control
Yacov Salomon, Founder, Chief Innovation Officer, Ketch

Securing the Hybrid Workforce: How to Establish Trust in a Zero Trust World
Ryan Terry, Sr. Solutions Product Marketing Manager, Okta

The Great Data Exfiltration: Protecting Business in a Raging Job Market
Joe Payne, President and CEO, Code42 Software

XDR and CTI: How they Converge to Improve Security Risk Mitigation
Alon Arvatz, Chief Product Officer, IntSights

Compliance as a Catalyst for Reducing Risk
Rob Ellis, Senior Vice President of Strategy, Reciprocity Labs

Time Off for the Holidays? Cyber Defenses Can’t Afford It
Tony Lee, Vice President, Global Services Technical Operations, BlackBerry

1:00pm - 1:30pm

Adapting with Speed to Address Security and Privacy

Jason Lee, CISO, Zoom Video Communications (CSO50 Winner for 2021)

Zoom is one of the largest providers of video communications for business. In March 2020, with a sudden demand for hundreds of thousands of daily meeting participants on its platform, Zoom realized it needed to rapidly boost security and privacy. Join us to learn how they developed and delivered a 90-day plan, along with views on hybrid work, working with the board, and the role of physical security for CISOs.

Interviewed by: Bob Bragdon, SVP/Managing Director Worldwide, CSO, IDG Communications, Inc.

1:30pm - 1:50pm

The XDR Approach to Interconnecting Tools and Workflows

Chris Meenan, VP, Security Product Management, IBM

In this Q&A session, Chris Meenan examines how the patchwork of management and security tools in many enterprises hinders their ability to effectively detect and respond to attacks. The issue with so many tools: poor integration. An open-hybrid eXtended Detection & Response (XDR) approach helps interconnect both tools and workflows, while still allowing businesses, security teams, and IT to obtain value (and avoid heavy customization) from the tools they already own or lease and operate.

Interviewed by: John Gallant, Enterprise Consulting Director, IDG Communications, Inc.

Click here to watch session!

1:50pm - 2:10pm

Networking Break and Live Group Discussion with Keith Slotter, VP, Corporate Security, JetBlue Airways

Keith Slotter, VP, Corporate Security, JetBlue Airways

Combatting Internal and External Fraud
Keith Slotter has a wealth of experience to share having spent 24 years as Special Agent in Charge at the FBI and now as VP, Corporate Security at JetBlue Airways. Don’t miss your chance to ask Keith about managing insider threats, strategies used to combat external fraud attacks, and how to enlist all staff in promoting safety and preventing fraud. Join Keith for an open discussion and sharing of ideas. Seating is limited and first-come, first-served!

2:10pm - 2:35pm

Safeguarding Sensitive Data

Beth Saylor, Sr. Manager, Global Information Governance, Aflac (CSO50 Winner for 2021)

Founded in 1955, Aflac provides financial protection to more than 50 million people worldwide. To standardize processes, enhance efficiencies, and reduce costs, Aflac modernized its eDiscovery process. Join us to learn how this new approach is reducing the amount of sensitive data that leaves Aflac’s control and provides greater visibility into the data and review activities of internal and external partners.

Interviewed by: Bob Bragdon, SVP/Managing Director Worldwide, CSO, IDG Communications, Inc.

2:35pm - 2:55pm

Moving Security to a Platform

Jessica Bair, Director, Cisco Secure Technical Alliance, Cisco

When it comes to the technologies they use, security organizations have always sat at the tipping point between favoring best-of-breed solutions versus a platform approach. While each has its own merits, true security technology platforms that cover the wide range of IT environments out there were difficult to come by. But today’s complex threat landscape, defined by the velocity of attacks and complexity of IT environments, benefits greatly from security platforms that leverage automation and integration to simplify security and improve its effectiveness. Join us, as we dig into these topics and get her take on “simplified security”.

Click here to watch session!

2:55pm - 3:25pm

Reducing the Impact of Security Incidents Through Detection

Adrian Ludwig, Chief Information Security Officer, Atlassian (CSO50 Winner for 2021)

A leader in collaborative software and tools for teamwork, Atlassian is focused on reducing the impact of security incidents. Its award-winning detections program encompasses concepts, automation tooling, frameworks, and specific work engineered by security analysts to detect potential or realized breaches. Join us to learn how it works, along with their approaches to application security, intellectual property theft, and Zero Trust.

Interviewed by: Bob Bragdon, SVP/Managing Director Worldwide, CSO, IDG Communications, Inc.

3:25pm - 4:00pm

Securing IoT, Operational Technology, and Manufacturing 4.0 Environments

Arun DeSouza, Chief Information Security & Privacy Officer, Nexteer Automotive (CSO50 Winner for 2021)

Nexteer Automotive creates products and services for the automotive industry. With expanding digital transformation and manufacturing 4.0 initiatives, IoT and operational technology devices are exploding in manufacturing environments. Join us to learn how Nexteer’s award-winning approach project enables security of these devices, along with the roles of Zero Trust, software defined perimeter, and self-sovereign identity in today’s enterprise environments.

Interviewed by: Bob Bragdon, SVP/Managing Director Worldwide, CSO, IDG Communications, Inc.

4:00pm - 4:25pm

Deploying Zero Trust to Work from Anywhere

Randy L. Herold, CISO & CPO, ManpowerGroup (CSO50 Winner for 2021)

With 28,000 employees, ManpowerGroup is a global workforce solutions company that helps organizations by sourcing, assessing, developing, and managing talent. As supply chain disruptions caused by the pandemic were impacting companies around the globe, ManpowerGroup needed to provide a secure, scalable and effective Zero Trust solution to enable employees, clients, and associates to meet remote work requirements. Join us to learn how they rapidly deployed their solution, along with management advice on the role of the CISO, and the boardroom.

Interviewed by: Bob Bragdon, SVP/Managing Director Worldwide, CSO, IDG Communications, Inc.

4:30pm-5:00pm

CSO50 and CSO Hall of Fame Awards Ceremony

Join us for this very special awards ceremony where we’ll recognize 50 organizations that won a CSO50 award for 2021, along with our 2021 class of CSO Hall of Fame winners who’ll share their insights and career advice.