February Virtual Cyber Executive Forum 2021

Welcome by Candy Alexander. President of ISSA International

Coffee Talk Hosted by Netenrich -Threat and Attack Surface Intelligence

There’s no lack of threat intelligence about what adversaries do “out there,” but it doesn’t tell you how they view your company network. To manage external risk you need attack surface intel to show your most likely attack vectors—and which to fix first. Integrating threat and attack surface intelligence delivers the context needed to prioritize and remediate risk. The combination gives you a major advantage in reducing risk from external assets (domains, email addresses, certificates, shadow IT) and improving SecOps.

The State of the Cybersecurity: How to Hire and Retain in a Zero Percent Unemployment Market

The unemployment rate for cybersecurity professionals—the people protecting us from cyber-attacks—is zero (some studies say it could be even higher), and the majority of these professionals (59%) are open to leaving their current jobs. This recruiting and retention challenge is a very serious national security issue. It’s no wonder the question I am most frequently asked is: “What are the ‘best ways’ to attract, hire and retain talent?” In this talk, Deidre will discuss what she sees every day as the Founder and CEO of CyberSN, the largest solely focused cybersecurity talent acquisition firm in the US. With the right strategies, leadership can create teams that are more successful, and with greater retention rates.

Compliance is not security: Dennis Miller, Security Architect | Cybersecurity | Systems Analyst | PCI

Break-Network /Visit Virtual Exhibits

Lunch and Learn – Establishing a Risk Aware Culture in the Enterprise

Establishing a Risk Aware Culture in the Enterprise

With data exposure events on the rise in 2021, CISOs everywhere are faced with the increasing challenges of instituting a successful insider risk strategy. Security needs to be moving at the speed of business where time to market and speed of innovation are critical outcomes. By attending this session, executive teams will learn how establishing a risk aware culture in the Enterprise can reduce the complexities of data security while promoting healthy collaboration.”
establishing a risk aware culture

Executive Roundtables

Software supply chain attacks, what they are, and how to threat model, and how to prepare for the inevitable next one

The news that SolarWinds was breached and used to distribute malicious code rocked the security world in December. In this session, Jake Williams founder and chair of the inaugural SANS Supply Chain Security Summit, will discuss software supply chain attacks, what they are, and how to threat model, and how to prepare for the inevitable next one.

Break-Network /Visit Virtual Exhibits

Building a Trusted ICT Supply Chain

US Cyberspace Solarium Commission’s October 2020 Report on “Building a Trusted ICT Supply Chain” specifies five key and eight supporting recommendations to build trusted supply chains for critical ICT technologies. The paper supports reinvigorating American high-tech manufacturing and innovation with partner nations to ensure continual availability of these goods and materials. In addition, the white paper recommends an approach to ensure that American and partner companies are able to compete in global markets through the use of strategic government investment and instruments of the development community.
• Identifying key technologies and equipment.
• Ensuring minimum viable (US / partner) manufacturing capacity.
• Protecting supply chains from compromise.
• Stimulating a domestic market through targeted infrastructure investment.
• Ensuring global competitiveness of trusted supply chains, including USA and partner companies.

Executive Roundtables

Break-Network /Visit Virtual Exhibits

Failures in the IoT/ICS CIA

Failures in the IoT/ICS CIA model can have dire effects on privacy and personal Safety. Security architectures need to blend information technology (IT) and operational technology (OT) goals. Work From Home (WFH) has destroyed the traditional border defense architecture. Blue Team architects now have to consider the following new areas: the home network, ISP interactions, balancing Information Technology (IT) security vs. Operational Technology (OT). Data and Identity are the new borders. This talk discusses the differences between IT/OT security requirements and suggestions on designing a defensive architecture for this new environment.

Closing Remarks