Loading Events
February 19 | 9:45 am EST - 6:00 pm EST

February Virtual Cyber Executive Forum 2021

ISSA's Cyber Executive Forum is a quarterly gathering of some of the brightest minds in the cyber security world. Join other cyber security leaders on February 19 from 9:45 am EST to 6:00 pm EST from the convenience of your smartphone or laptop for the latest "can't-miss" ISSA virtual Cyber Executive Forum.

Sneak Peak!  Cyber Executive February Session!

Software supply chain attacks, what they are, and how to threat model

  • This event has passed so registration is closed.

February 2021 Virtual Cyber Executive Forum Speaker Lineup

Candy Alexander

Candy Alexander

Candy Alexander has been working in cyber security for 30 years, growing up within the profession. She has held several positions as CISO for which…

Read more

Don Davidson

Don Davidson is Director, Cyber-SCRM Programs at Synopsys, where he is assisting in the stand-up of a new Chief Security Office (CSO) in the Office…

Read more

Deidre Diamond

Talent and technology veteran, Deidre Diamond, Founder, and CEO of CyberSN and Secure Diversity, has created the largest cybersecurity talent acquisition service and technology firm…

Read more

Jake Williams

Jake Williams is an accomplished infosec professional with almost two decades of industry experience. After spending more than a decade in the US Intelligence Community…

Read more

Dennis Miller

Dennis Miller is the founder, president, and Security Architect of Talent Cyber Security (TCS) located in Albany Oregon. TCS focuses on supporting and empowering local…

Read more

Randy Marchany

Randy is the Chief Information Security Officer of Virginia Tech and the Director of Virginia Tech's IT Security Laboratory and has 25 years experience as…

Read more

Brandon Hoffman

Brandon is an admired CTO and security executive well-known for driving sales growth and IT transformation. He is responsible for Netenrich’s technical sales and security…

Read more

Robert Morgus

Robert Morgus is a Senior Director for the US Cyberspace Solarium Commission, where he directs research and analysis for Task Force Two. At the Commission,…

Read more

Tommy Todd

20 Years in Cyber Security. Data Privacy/Data Protection Focused. Data Privacy Rights Public Speaker. CISSP Certified

Read more

Ready to Explore Registration Options?

Guest registration is available to new and returning guests

February 2021 Virtual Cyber Executive Forum Agenda

Please note that the table is scrollable (left and right swipe) on mobile devices.

Time Session Speaker
9:50 AM to 10:00 AM

Welcome by Candy Alexander. President of ISSA International

10:00 AM to 10:15 AM

Coffee Talk Hosted by Netenrich -Threat and Attack Surface Intelligence

There’s no lack of threat intelligence about what adversaries do “out there,” but it doesn’t tell you how they view your company network. To manage external risk you need attack surface intel to show your most likely attack vectors—and which to fix first. Integrating threat and attack surface intelligence delivers the context needed to prioritize and remediate risk. The combination gives you a major advantage in reducing risk from external assets (domains, email addresses, certificates, shadow IT) and improving SecOps.

10:15 AM to 11:00 AM

The State of the Cybersecurity: How to Hire and Retain in a Zero Percent Unemployment Market

The unemployment rate for cybersecurity professionals—the people protecting us from cyber-attacks—is zero (some studies say it could be even higher), and the majority of these professionals (59%) are open to leaving their current jobs. This recruiting and retention challenge is a very serious national security issue. It’s no wonder the question I am most frequently asked is: “What are the ‘best ways’ to attract, hire and retain talent?” In this talk, Deidre will discuss what she sees every day as the Founder and CEO of CyberSN, the largest solely focused cybersecurity talent acquisition firm in the US. With the right strategies, leadership can create teams that are more successful, and with greater retention rates.

  • Deidre Diamond – Founder and CEO of CyberSN, Founder of Secure Diversity, CyberSN
11:15 AM to 12:00 PM

Compliance is not security

PCI, HIPPA, and other compliance rules do not ensure an organization is secure. Compliance is merely a snapshot of the way things are at a moment in time. An organization can be certified compliant today but someone opening a phishing email tomorrow could leave the organization vulnerable. (see Target and Home Depot for examples of this). Compliance is not a goal or a project, but the result of implementing security into business processes.

Unfortunately, there are a lot of mixed messages from industry and the security community about methods and practices. There are countless vendors who claim their products and services guarantee compliance. However, the reality is that a silver bullet does not exist and probably never will. Being certified compliant also lures management into complacency.

One of the ways to combat this is to eliminate the term “Best Practices” from the security nomenclature. Best Practices usually wind up as a set of checklists to complete and a manager to sign, thus giving a false sense that the business is secure. Compliance is a process that evolves as an organization, technology, and threats also evolve

12:00 PM to 12:15 PM

Break-Network /Visit Virtual Exhibits

12:15 PM to 12:35 PM

Lunch and Learn – Establishing a Risk Aware Culture in the Enterprise

Establishing a Risk Aware Culture in the Enterprise

With data exposure events on the rise in 2021, CISOs everywhere are faced with the increasing challenges of instituting a successful insider risk strategy. Security needs to be moving at the speed of business where time to market and speed of innovation are critical outcomes. By attending this session, executive teams will learn how establishing a risk aware culture in the Enterprise can reduce the complexities of data security while promoting healthy collaboration.”
establishing a risk aware culture

  • Tommy Todd – Vice President of Security, Code 42
12:45 PM to 1:45 PM

Executive Roundtables : Risk Management: It's All About Time

We grant attackers far too much time to operate unchecked in our networks. Most “detections” actually occur by accident or by luck

  • Jeff Schmidt – VP and Chief Cyber Security Innovator, Covai
12:45 PM to 1:45 PM

Executive Roundtables : SolarWinds: supply chain fiasco or another day different defect?

The ‘winds’ are telling us that the majority of businesses using SolarWinds products could never have seriously done anything about it.

1:45 PM to 2:30 PM

Software supply chain attacks, what they are, and how to threat model, and how to prepare for the inevitable next one

The news that SolarWinds was breached and used to distribute malicious code rocked the security world in December. In this session, Jake Williams founder and chair of the inaugural SANS Supply Chain Security Summit, will discuss software supply chain attacks, what they are, and how to threat model, and how to prepare for the inevitable next one.

2:30 PM to 2:45 PM

Break-Network /Visit Virtual Exhibits

2:45 PM to 3:30 PM

Building a Trusted ICT Supply Chain

US Cyberspace Solarium Commission’s October 2020 Report on “Building a Trusted ICT Supply Chain” specifies five key and eight supporting recommendations to build trusted supply chains for critical ICT technologies. The paper supports reinvigorating American high-tech manufacturing and innovation with partner nations to ensure continual availability of these goods and materials. In addition, the white paper recommends an approach to ensure that American and partner companies are able to compete in global markets through the use of strategic government investment and instruments of the development community.
• Identifying key technologies and equipment.
• Ensuring minimum viable (US / partner) manufacturing capacity.
• Protecting supply chains from compromise.
• Stimulating a domestic market through targeted infrastructure investment.
• Ensuring global competitiveness of trusted supply chains, including USA and partner companies.

  • Don Davidson – Director, Cyber-SCRM Programs, Synopsys
  • Robert Morgus – Sr. Director, Task Force 2, US Cyberspace Solarium Commission
3:30 PM to 4:30 PM

Executive Roundtables : Biggest Cyber Surprises of 2020 what did you discover in 2020 that was unexpected? Shortfalls in delivery?

What did you discover in 2020 that was unexpected? Shortfalls in delivery? Expected problems which were not?

3:30 PM to 4:30 PM

Executive Roundtables : Trends in Third-Party Risk: What’s New in 2021?

As the world changes, the way you manage your third-party relationships should change too. What trends can we expect in 2021? What challenges will we face and what proactive measures can you take to stay ahead of the curve? Hear from your peers as we discuss how to adapt to current and future trends and future-proof your third-party risk management program to the best of your ability.

  • Jaymin Desai – Third-Party Risk Management Offering Manager, OneTrust
4:30 PM to 4:45 PM

Break-Network /Visit Virtual Exhibits

4:45 PM to 5:30 PM

Failures in the IoT/ICS CIA

Failures in the IoT/ICS CIA model can have dire effects on privacy and personal Safety. Security architectures need to blend information technology (IT) and operational technology (OT) goals. Work From Home (WFH) has destroyed the traditional border defense architecture. Blue Team architects now have to consider the following new areas: the home network, ISP interactions, balancing Information Technology (IT) security vs. Operational Technology (OT). Data and Identity are the new borders. This talk discusses the differences between IT/OT security requirements and suggestions on designing a defensive architecture for this new environment.

  • Randy Marchany – Chief Information Security Officer and Director of IT Security Laboratory, Virginia Tech
5:30 PM to 5:45 PM

Closing Remarks

Get Answers to Your Questions About the February 2021 Virtual Cyber Executive Forum

Click on the button below to get in touch with us.

Register Now for the February 2021 Virtual Cyber Executive Forum Agenda

Cyber Executive Forum

ISSA Cyber Executive
Current Cyber Executive Members

Existing ISSA Cyber Executive Members attend for free

ISSA Cyber Executive Forum

ISSA Cyber Executive
Returning Guests

Complimentary meeting registration (attendance is subject to approval)

ISSA Cyber Executive Forum

ISSA Cyber Executive
First-Time Guests

Complimentary meeting registration (attendance is subject to approval)

Not a Member of ISSA's Cyber Executive Yet?

Join today and get free access to the Cyber Executive Forum as well as other exclusive benefits.

February 2021 Virtual Cyber Executive Forum Event Sponsors

Interested in Getting Your Message in Front of Senior Level Cyber Security Decision Makers?

Click on the button to the right to contact us about sponsorship opportunities.

Scroll to Top