Loading Events
May 14 | 9:45 am EDT - 6:00 pm EDT

May Virtual Cyber Executive Forum 2021

ISSA Cyber Executive Forum is a quarterly gathering of some of the brightest minds in the cyber security world.

  • This event has passed so registration is closed.

May 2021 Cyber Executive Forum Speaker Lineup

Udayan Borkar

Udayan Borkar is a Director of Product Management at Bitglass, Inc and is currently working on our SASE product offering. Mr. Borkar is an industry…

Read more

Tim Sadler

Tim Sadler is Co-founder & CEO of Tessian, a venture-backed cybersecurity company that stops threats, not business, by securing the human layer. Tessian has 140…

Read more

Marcus Sachs

Marcus Sachs is the Deputy Director for Research at Auburn University’s McCrary Institute for Cyber and Critical Infrastructure Security. He is also the Chief Security…

Read more

Zachary (Zach) Tudor

Zachary (Zach) Tudor is the Associate Laboratory Director of Idaho National Laboratory’s National and Homeland Security Science and Technology Science and Technology directorate, a major…

Read more

Jennifer Minella

Jennifer Minella is VP of Engineering and Security with Carolina Advanced Digital, Inc. In her engineering role, Minella leads strategic research and consulting for government…

Read more

Kevin Johnson

Kevin Johnson is a Senior Security Analyst with Secure Ideas. Kevin came to security from a development and system administration background. He has many years…

Read more

Jorge Orchilles

Jorge Orchilles is the Chief Technology Officer of SCYTHE and co-creator of the C2 Matrix project. He is a SANS Certified Instructor and the author…

Read more

Candy Alexander

Ms. Alexander has over 30 years of experience in the cybersecurity profession, receiving multiple international industry recognition awards. She has held several positions as CISO…

Read more

Ready to Explore Registration Options?

Guest registration is available to new and returning guests

May 2021 Cyber Executive Forum

Please note that the table is scrollable (left and right swipe) on mobile devices.

Time Session Speaker
9:50 AM to 10:00 AM


  • Candy Alexander – President of the Board, ISSA International & CISO, NeuEon, Inc.
10:00 AM to 10:15 AM

Breakfast talk – SAT is Dead. Long Live SAT

Security Awareness Training (SAT) just isn’t working: for companies, for security teams, for employees. It's expensive, it's boring and, because of its one-size-fits approach, it's not resonating either. So, should we ditch SAT altogether? Absolutely not! But businesses do need a new approach

10:15 AM to 10:30 AM


10:30 AM to 11:15 AM

Managing the Security Unknowns

Donald Rumsfeld, former Secretary of Defense, said in 2002 during a press conference that there are “unknown unknowns—the ones we don't know we don't know.” His statement about unknown information is directly applicable to security professionals. Most CISOs understand that the first step in a security plan is to identify systems, people, assets, data, and capabilities in the organization. After all, you can’t secure what you don’t know about. The discovery process helps to move unknown assets and capabilities to the known category. But what about those items you think you have but cannot find? Or even worse – those you don’t even know to look for? This talk examines this problem in the context of security discovery and how to apply it to the CISO’s job of understanding and managing security risks.

  • Marcus Sachs – Deputy Director for Research, Auburn University’s McCrary Institute for Cyber and Critical Infrastructure Security
11:30 AM to 12:15 PM

CISO’s Network Security Trends Cheat-Sheet

What every CISO should know about today’s trends in infrastructure security and operations, from the latest WiFi security standards to SASE, SD-WAN, XDR, and more. Learn about the shifts and 3-year outlook that will impact skills requirements, compliance, and risk management in the SOC and NOC.

  • Jennifer Minella – VP of Engineering and Security, Carolina Advanced Digital
12:30 PM to 12:45 PM

Lunch and Learn – The Rise of Secure Access Service Edge (SASE)

Secure access service edge (SASE) offerings are cloud-delivered platforms that give consistent security across different applications, devices, web destinations, on-premises resources, and infrastructure. To achieve this, these platforms deliver a variety of functionality from complementary security solutions. As organizations operate in our frenetic business world, SASE becomes imperative.

1:00 PM to 1:50 PM

Executive Roundtables

2:00 PM to 2:45 PM

A Consequence-based Approach to Supply Chain Security

From the White House to Capitol Hill to the research and development community, the term supply chain is quickly becoming in vogue. Most modern machinery has evolved to a point of complexity that no one organization can effectively manufacturer it alone. A global supply chain is required to produce the equipment necessary to own and operate everything from smart homes to power grids. But more than ever, there is a growing recognition that the software and hardware we rely on to perform everything from routine tasks to critical services could be compromised. In the aftermath of the SolarWinds hack, private industry and the federal government are together reexamining their state of awareness and asking, “what exactly is in my equipment?” This presentation will discuss the risk to supply chain security, examine its impact on the nation’s critical infrastructure systems, and discuss ongoing research efforts aimed at curbing this growing threat.

  • Zachary (Zach) Tudor – Associate Laboratory Directo, Idaho National Laboratory’s National and Homeland Security Science and Technology Science and Technology
2:45 PM to 3:00 PM

Break Network

3:00 PM to 3:55 PM

Executive Roundtables

4:00 PM to 4:45 PM

The Konami Code

The Secret Code to Power Up your SDLC SecuritAs with the Konami Code, Kevin Johnson of Secure Ideas will explore how we can “power up” the integrations and interactions between security and development. How do we “shift left” and ensure that we are detecting and remediating security issues as early as possible within our SDLC. In this presentation, Kevin will provide the five main items that you should be doing to increase the power of your security programs working within your development teams.

5:00 PM to 5:45 PM

Introduction to Purple Team

Your Cyber Threat Intelligence team identified an adversary that has the capability, internet, and opportunity to attack your organization and provided those adversary behaviors to the red team. The red team emulated those same tactics, techniques, and procedures (TTPs) in your production environment while the Blue Team watched and learned how the attack works. Then the blue team showed everyone how they identify those adversary behaviors and follow their response process to quickly mitigate the threat. All your security teams collaborated and efficiently tested, measured, and improved your people, process, and technology! A month has passed, what happens next? This talk picks up after your first successful Purple Team Exercise is complete and teaches you how to continue maturing and improving your security program by operationalizing the collaboration between your security teams (Cyber Threat Intelligence, Red Team, and Blue Team). You don’t have to wait for the next scheduled, formal exercise to continue testing your people, process, and technology. You can leverage new Cyber Threat Intelligence and collaborate with your team to test new TTPs through a process called Detection Engineering

5:45 PM to 6:00 PM

Closing Remarks

Get Answers to Your Questions About the May 2021 Cyber Executive Forum

Click on the button below to get in touch with us.

Register Now for the May 2021 Cyber Executive Forum

Beginning Tuesday, February 1 everyone age five years or older will be required to show proof of two doses of the COVID vaccine, except for those who have received one dose of the Johnson & Johnson vaccine, or a negative PCR, molecular, or antigen test within 72 hours at restaurants, bars, conferences and other businesses.


ISSA Cyber Executive
ISSA Cyber Executive Members only register here

Existing ISSA Cyber Executive Members attend for free


ISSA Cyber Executive
ISSA general members register here

Members may get one guest attendance, pending approval

ISSA Cyber Executive Forum

ISSA Cyber Executive
First-Time Guests

Complimentary meeting registration (attendance is subject to approval)

Not a Member of ISSA's Cyber Executive Yet?

Join today and get free access to the Cyber Executive Forum as well as other exclusive benefits.

May 2021 Cyber Executive Forum Event Sponsors

Scroll to Top