CISO Cloud Summit | November 18-20, 2019 | Westin Kierland Resort & Spa - Scottsdale, AZ, USA

↓ Agenda Key

Keynote Presentation

Visionary speaker presents to entire audience on key issues, challenges and business opportunities

Keynote Presentations give attending delegates the opportunity to hear from leading voices in the industry. These presentations feature relevant topics and issues aligned with the speaker's experience and expertise, selected by the speaker in concert with the summit's Content Committee." title="Keynote Presentations give attending delegates the opportunity to hear from leading voices in the industry. These presentations feature relevant topics and issues aligned with the speaker's experience and expertise, selected by the speaker in concert with the summit's Content Committee.

Executive Visions

Panel moderated by Master of Ceremonies and headed by four executives discussing critical business topics

Executive Visions sessions are panel discussions that enable in-depth exchanges on critical business topics. Led by a moderator, these sessions encourage attending executives to address industry challenges and gain insight through interaction with expert panel members." title="Executive Visions sessions are panel discussions that enable in-depth exchanges on critical business topics. Led by a moderator, these sessions encourage attending executives to address industry challenges and gain insight through interaction with expert panel members.

Thought Leadership

Solution provider-led session giving high-level overview of opportunities

Led by an executive from the vendor community, Thought Leadership sessions provide comprehensive overviews of current business concerns, offering strategies and solutions for success. This is a unique opportunity to access the perspective of a leading member of the vendor community." title="Led by an executive from the vendor community, Thought Leadership sessions provide comprehensive overviews of current business concerns, offering strategies and solutions for success. This is a unique opportunity to access the perspective of a leading member of the vendor community.

Think Tank

End user-led session in boardroom style, focusing on best practices

Think Tanks are interactive sessions that place delegates in lively discussion and debate. Sessions admit only 15-20 participants at a time to ensure an intimate environment in which delegates can engage each other and have their voices heard." title="Think Tanks are interactive sessions that place delegates in lively discussion and debate. Sessions admit only 15-20 participants at a time to ensure an intimate environment in which delegates can engage each other and have their voices heard.

Roundtable

Interactive session led by a moderator, focused on industry issue

Led by an industry analyst, expert or a member of the vendor community, Roundtables are open-forum sessions with strategic guidance. Attending delegates gather to collaborate on common issues and challenges within a format that allows them to get things done." title="Led by an industry analyst, expert or a member of the vendor community, Roundtables are open-forum sessions with strategic guidance. Attending delegates gather to collaborate on common issues and challenges within a format that allows them to get things done.

Case Study

Overview of recent project successes and failures

Case Studies allow attending executives to hear compelling stories about implementations and projects, emphasizing best practices and lessons learned. Presentations are immediately followed by Q&A sessions." title="Case Studies allow attending executives to hear compelling stories about implementations and projects, emphasizing best practices and lessons learned. Presentations are immediately followed by Q&A sessions.

Focus Group

Discussion of business drivers within a particular industry area

Focus Groups allow executives to discuss business drivers within particular industry areas. These sessions allow attendees to isolate specific issues and work through them. Presentations last 15-20 minutes and are followed by Q&A sessions." title="Focus Groups allow executives to discuss business drivers within particular industry areas. These sessions allow attendees to isolate specific issues and work through them. Presentations last 15-20 minutes and are followed by Q&A sessions.

Analyst Q&A Session

Moderator-led coverage of the latest industry research

Q&A sessions cover the latest industry research, allowing attendees to gain insight on topics of interest through questions directed to a leading industry analyst." title="Q&A sessions cover the latest industry research, allowing attendees to gain insight on topics of interest through questions directed to a leading industry analyst.

Vendor Showcase

Several brief, pointed overviews of the newest solutions and services

Taking the form of three 10-minute elevator pitches by attending vendors, these sessions provide a concise and pointed overview of the latest solutions and services aligned with attendee needs and preferences." title="Taking the form of three 10-minute elevator pitches by attending vendors, these sessions provide a concise and pointed overview of the latest solutions and services aligned with attendee needs and preferences.

Executive Exchange

Pre-determined, one-on-one interaction revolving around solutions of interest

Executive Exchanges offer one-on-one interaction between executives and vendors. This is an opportunity for both parties to make key business contacts, ask direct questions and get the answers they need. Session content is prearranged and based on mutual interest." title="Executive Exchanges offer one-on-one interaction between executives and vendors. This is an opportunity for both parties to make key business contacts, ask direct questions and get the answers they need. Session content is prearranged and based on mutual interest.

Open Forum Luncheon

Informal discussions on pre-determined topics

Led by a moderator, Open Forum Luncheons offer attendees informal, yet focused discussions on current industry topics and trends over lunch." title="Led by a moderator, Open Forum Luncheons offer attendees informal, yet focused discussions on current industry topics and trends over lunch.

Networking Session

Unique activities at once relaxing, enjoyable and productive

Networking opportunities take various unique forms, merging enjoyable and relaxing activities with an environment conducive to in-depth conversation. These gatherings allow attendees to wind down between sessions and one-on-one meetings, while still furthering discussions and being productive." title="Networking opportunities take various unique forms, merging enjoyable and relaxing activities with an environment conducive to in-depth conversation. These gatherings allow attendees to wind down between sessions and one-on-one meetings, while still furthering discussions and being productive.

 

Sunday, November 17, 2019 - CISO Cloud Summit

12:00 pm - 1:00 pm

Registration & Greeting

 

1:00 pm - 1:10 pm

Welcome & Opening Remarks

 

1:10 pm - 1:45 pm

Keynote Presentation

All Eyes on You

Security breaches are the most intimidating threats for CISOs and security executives. Because of that, upper level management, shareholders and even consumers are focusing now more than ever on the security department. With that, CISOs need to see this as an opportunity to work closely with business stakeholders to incorporate cybersecurity strategy with their organization's business initiatives. This is an ideal opportunity to address skill shortages and increase professional development of the internal security workforce.

Takeaways:

  1. How the CISO's role has changed
  2. The latest security threats and how they can positively impact your team
  3. How to measures your teams shortcomings and areas for improvement
 

1:50 pm - 2:25 pm

Keynote Presentation

Case Studies in Digital Transformation: Learnings Along the Journey

We will explore key learnings from various industries and verticals on the good, the bad and the ugly of digital transformation. We will have an opportunity to not only be exposed to successful use cases, but also ask the hard questions behind those successes.

Takeaways:

  1. One of the best ways to learn is to hear the stories of success (and failure) from companies similar to yours.
  2. Asking questions of HOW the journey unfolded are just as important as the end result
 

2:30 pm - 2:55 pm

Executive Exchange

 

Thought Leadership

Can Technology Alone Prevent Phishing Attacks & Breaches?

In a world where we are talking about trusting self-driving cars, will we totally trust self "threat assessing and action taking" cybersecurity systems? Is technology enough? What is the human role in both preventing and responding to attacks.

Takeaways:

  1. Employees continue to be one of the leading, if not the leading, entry point for security breaches
  2. Training about cyber attack approaches such as Phishing is important but using technology can help employees more consistently identify outside forces attempting to harm your company
 

3:00 pm - 3:25 pm

Executive Exchange

 

Think Tank

Regulations Mean Change

More complex regulations, such as the General Data Protection Regulation (GDPR), have come into play due to the rise of data breaches forces. As data today is viewed as a such an asset, it is also a tremendous liability. Understanding that, organizations must consider both while they implement technologies that will be both innovative their business, but also cost effective.

Takeaways:

  1. Understand the latest regulations, such as GDPR
  2. How to tell your CEO and other business stakeholders that data protection can be a key differentiator for your organization
  3. The steps needed to take to be regulatory compliant

Think Tank

Core and Digital Transformation - From Planning to Transformational Outcomes

Managing a single transformation is hard enough, but running polymorphic transformation initiatives requires exceptional focus and execution. While most organizations know they need to transform, the what and how can vary. Foundational activities, such as building out a modern application platform, may seem minor but ignoring this key step is a top reason most projects stall or fail. Improving business process to meet the demands of digital era is a vital imperative. 

In this session, we will share best practices for a smooth journey into digital transformation to help you imagine what's possible today, and beyond to forward-thinking initiatives.

 

3:25 pm - 3:35 pm

Networking Break

 

3:40 pm - 4:05 pm

Executive Exchange

 

Thought Leadership

Mobile-centric Zero Trust Security Framework

Passwords are no longer sufficient protection against breaches because users are accessing information from a variety of untrusted devices, apps, networks, locations and services. So, in the reality of today's security world how does an organization protect itself? One answer is with a Zero Trust approach and framework to security. But with numerous theories about Zero Trust, how do you ensure that you've taken the right approach? in this session, discover how to: 

Takeaways: 

  • Drive business innovation with mobile productivity by giving employees the ability to use mobile, cloud and endpoints 
  • Enforce corporate security without impacting the user experience 
  • Redefine enterprise security strategies to address a perimeter-less environment
 

4:10 pm - 4:35 pm

Executive Exchange

 

Think Tank

The Solution for Your Legacy System's Security: The Cloud

Over lifespan of an organization, CIOs/CISOs have developed and implemented technologies that has been key to the organization's success. However, CISOs and their security teams today find themselves stuck ensuring that legacy systems are secure. The solution is cloud-delivered security products that are more agile with the ability to implement new detection methods and services faster than on-site solutions. While cloud security is an ideal solution, it is important to know that using the cloud is more than moving legacy management servers to the cloud. 

Takeaways:

  1. Review the status of legacy system security
  2. What cloud solutions are the best fit for their business
  3. What are the main needs in regards to system's scale, data telemetry, staff growth, machine learning, API-based access, and more

Think Tank

The Future of Autonomous Things

Today, we are seeing more Autonomous Things technology than ever before. As a result, functions formerly performed by humans are being replaced with AI. This technology's automation goes beyond the automation by using AI to deliver innovative behaviors that interact more efficiently and effectively with their surroundings and with their end-users. 

Takeaways: 

  1. Cover the latest innovations in autonomous and networked entities for 2019 
  2. Learn how these innovations will shape the different industries and business landscapes
  3. Discuss the potential compromises to privacy and safety in the future of AI

 

4:40 pm - 5:05 pm

Solutions Spotlight

Deep dives into the latest and greatest technology solutions to today's business problems. 
 

5:10 pm - 6:10 pm

Executive Visions Panel

The Revitalizing Change in the Role of the CISO

A CISO's role, goals and objectives have drastically changed over the years as most CISOs supervise teams and units beyond their IT's security. Because of these changes in responsibilities, a CISO's success is measured in greater business metrics. As a result, the role of a CISO has become both more attractive and more demanding.

Takeaways:

  1. What are the significant changes regarding the role of the CISO
  2. How to keep up with the changing requirements
  3. How to properly measure a CISO's success
 

6:30 pm - 7:30 pm

Summit Networking Happy Hour

 

7:30 pm - 8:30 pm

Welcome Dinner & Entertainment

 

8:30 pm - 9:30 pm

After Dinner Networking Reception

 

Monday, November 18, 2019 - CISO Cloud Summit

7:45 am - 8:30 am

Registration & Networking Breakfast

 

8:30 am - 8:40 am

Welcome & Opening Remarks

 

8:40 am - 9:15 am

Keynote Presentation

Digital Transformation for Customers, Beyond IT

As part of the digital evolution, industrial systems are more and more connected. This means that more data are collected, analysed and exploited in our benefit, but at the same time, more exposed. Every day digital transformation is delivering benefit to companies from all industries and from all sizes, impacting both operations and business models to deliver more value from data analysis. How do we manage this transformation extending IT security will be a key component.

 

9:20 am - 9:55 am

Keynote Presentation

Addressing Privacy on a Global Scale

Of all the risk management issues that present themselves to the modern-day CISO, perhaps the most difficult to address is that of privacy. In and of itself, privacy is no different a challenge than protecting any other sensitive information, however the multi-jurisdictional impacts of the issue due to wildly differing laws between the US and European countries make this an issue that is often times overwhelming to address. CISOs must work diligently to ensure that their privacy efforts conform with the standards of any jurisdiction with which they might work, where their data might be held and this is an almost overwhelming task.

Takeaways:

  1. Privacy is one of the most challenging issues for any business and CISO to address
  2. The difference in regulations between and among European countries (both those in and out of the EU itself) and North American ones means traversing a fraught landscape
  3. A strong approach to privacy that addresses global differences is essential to being a stable and viable global business
 

10:00 am - 10:25 am

Executive Exchange

 

Think Tank

Machine Learning Is Here to Help, Not Replace

Over the next few years, machine learning (ML) will be a regular security practice and will offset skills and staffing shortfalls. Today though, ML is better at addressing smaller, more specific problems. Technology leaders have to understand that humans and machines complement each other and work better together than alone, as ML can assist humans in addressing uncertainty by presenting relevant information.

Takeaways:

  1. Discuss the ways machine learning can assist teams and organizations
  2. How to make the right machine learning choices for your organization
  3. The future of machine learning

Think Tank

CIOs & CISOs: One Foot on the Gas & One Foot on the Brake?

CIOs are facing increasing pressure to guide their companies to rapidly adopt new technologies and solutions to keep their companies competitive in their industry. CIOs are facing increasing pressure to keep their company and its data safe and secure from all threats. Without great vision and cooperation with CISOs these goals can appear to be at cross purposes. 

Takeaways: 

  1. CIOs and CISOs are both facing pressures that could seem to be at cross purposes. 
  2. CIOs and CISOs must work very closely together to accomplish both their individual organizational goals but also the overarching company goals to thrive.

 

10:30 am - 10:55 am

Executive Exchange

 

Thought Leadership

Machines Are Friends Not Foes: Cognitive Computing Accelerates the Journey

Popular movies, books and television shows typically position advanced technology as a threat to humanity and all we hold dear. Yet cognitive computing technologies such as Artificial Intelligence (AI), Machine Learning (ML), Natural Language Processing and Augmented Reality (AR) are helping CIOs and CISOs make better decisions faster.

Takeaways:

  1. We will discuss how cognitive computing can help us navigate the acceleration of activity and decisions that we are experiencing on our digital transformation journeys.
  2. New cognitive computing technologies can be unnerving and difficult to trust.
  3. Used properly, cognitive computing technologies such as AI, ML and AR can provide data to humans in such a way to enable us to better prioritize the decisions we must make and make those decisions more effectively.
 

10:55 am - 11:05 am

Networking Break

 

11:10 am - 11:35 am

Executive Exchange

 

Thought Leadership

3 Best Practices for Application Security (and Bonus Tip)

Applications are the lifeblood of the enterprise, but as the threats multiply, as applications move to the cloud, as legacy applications need to be maintained, and as organizations seek competitive advantage with new technologies and faster release cycles, it's easy to see that application security can be a thankless, endless and challenging job. 

Imperva has distilled three best practices (and a bonus tip) that help enterprises of any size vastly improve and simplify application security, accelerate threat detection and operationalize application security in a dynamic world where change is the only constant.

 

11:40 am - 12:05 pm

Executive Exchange

 

Think Tank

Geopolitical Landscape's Effects on Organizations

The recent U.S. government bans against Russian-based security products and Chinese smartphones are the latest results of suspicion and distrust of competing world powers. Organizations working with government entities must be aware of the geopolitical stipulations regarding their business relationships. Even with the geopolitical landscape, the buying decisions of security products are still based on trust in the supplier. It is important for CISOs and security leaders to incorporate geopolitical risk in all business-critical software, hardware and services purchasing decisions - even if that means considering local alternatives.

Takeaways:

  1. Review the geopolitical landscape and how it has effected industries and organizations
  2. What to be aware of with your buying decisions
  3. What to anticipate and prepare for in the coming years

Think Tank

Planning for a Multi-Cloud Future

The promise of the cloud is almost beyond compare; infinite computing resources, unmatched reliability and uptime, instantaneous service availability, simplistic self-service and provisioning, and the low-low prices of a buy by the drink model. These are the reasons behind the rush to the cloud that we are currently experiencing, but the wholesale adoption does bring a downside " as more and more capability is moved to the cloud, more and more cloud providers are utilized since, for the most part, each provider offers only a limited suite of services. The MultiCloud environment that creates a new set of challenges that IT leaders need to overcome, notably resiliency, interoperability/integration, and security and compliance through careful planning and the lessons learned from building complex on premise distributed systems. 

Takeaways: 

  1. As enterprises move to the cloud, MultiCloud environments will increasingly become the norm, not the exception 
  2. Consistent planning and thoughtful architecture will be essential to efficient and effective cloud deployments

 

12:10 pm - 12:35 pm

Executive Exchange

 

Executive Boardroom

Driving Digital Transformation: Proactive Path vs. Reactive Response

Shakespeare wrote that we should be afraid of greatness as "some are born great, some achieve greatness and some have greatness thrust upon them". This is true today as well for CIOs and CISOs. Digital transformation will happen, the only question being will the CIO drive it or will it be thrust upon them. We will discuss how to be a proactive voice in driving your company's digital transformation journey instead of waiting and responding to the voice of others.

Takeaways:

  1. Digital transformation is happening with or without our actions
  2. The most successful CISOs will drive this transformation from a proactive point of view instead of reacting to internal and external voices.
 

12:40 pm - 1:05 pm

Executive Exchange

 

Executive Boardroom

The Importance of Engaging CISOs in Digital Transformation

The digital transformation challenge is significant for all, but CIOs need to understand the importance of engaging their CISO as well. Capturing IoT data from capital assets is a challenge on its own; however, many also struggle with the workforce's preference for entrenched processes as well as the executive team's expertise for managing physical assets, which is contrasted by their discomfort with digital transformation.

 

1:05 pm - 2:15 pm

Working Lunch & Panel

CISO: The "Cultural" Information Security Officer

It is well-known that CISOs "wear many hats" and are responsible for more than ever before. One of those major responsibilities is driving a culture of innovation and organizational success throughout not only their team, but the entire organization.

Takeaways:

  1. The steps towards establishing a positive and productive culture
  2. The major threats to CISOs and their cultural innovation
  3. Shared success stories from CISOs who have implemented a cultural change
 

2:20 pm - 2:45 pm

Executive Exchange

 

Executive Boardroom

Navigating Security & Risk in a Changing IT Landscape

Agile, DevOps, containers, microservices and the cloud are all seeing increased adoption across the enterprise. But, while there are valid business reasons to embrace these new models, there is potential risk in implementation. Is this change necessary? If so, how can this change be accommodated effectively, safely? This session will cover some common elements of the risk of change - and of not changing - and suggest approaches to minimize risk as you adopt these new technologies. 

Takeaways: 

  1. The IT Landscape will continue to change leading to new processes, new technologies and new "standard" ways of doing IT business 
  2. This changing Landscape will present security challenges where you will need to balance the "pain of same" vs the "pain of change
 

2:50 pm - 3:15 pm

Solutions Spotlight

 

3:20 pm - 3:45 pm

Executive Exchange

 

Think Tank

The New Role of CISOs - Enabling the Business to Reach its Strategic Goals

The role of the modern Information and Cyber Security (ICS) executive is more complex than it has ever been before, not just because the technology landscape has become more complex, new threats are emerging every day, but also because increasingly ICS execs have had to become a business-focused executive, not just a technologist or domain expert. Long have we talked about the CIO and CISO getting a seat at the table, but modern businesses are now demanding that their technology impresario join them and leverage their deep and rich technical insight to allow the organization to better position itself for success. To be successful, CISOs need to help the business achieve their operational and strategic goal, be innovative, proactive and pragmatic. 


Takeaways:

  1. The importance of knowing and understanding the business and the strategic direction. 
  2. The importance of having a current and updated view on the IS control environment, critical threats, and risks towards business ops.
  3. How to bind the two together to deliver a proactive and risk driven approach to enable the business to succeed in current as well as strategic goals


Think Tank

Making Your Way Through the Fog of Cloud Computing in a Secure Path

What have we learned from a decade of cloud computing? What are the best practices that we should be taking into account as we take the next step on the digital transformation journey? We will discuss the full range of data center to cloud to hybrid cloud to fog and everything in between. 

Takeaways: 

  1. Cloud computing has effectively been with us for a decade. There are clear learnings in the last 10 years that we should leverage as we implement new solutions 
  2. One size does not fit all. Effective solutions can range from a state of the art data center to a hybrid cloud to a fully implemented cloud solution. 
  3. Security requirements must be considered on the various cloud implementation options 
  4. Multi-cloud considerations from a security standpoint and operationalization aspect

 

3:45 pm - 3:55 pm

Afternoon Networking Coffee Break

 

4:00 pm - 4:25 pm

Executive Exchange

 

Executive Boardroom

Navigating Security & Risk in a Changing IT Landscape

Agile, DevOps, containers, microservices, the cloud are all seeing increased adoption across the enterprise. But, while there are valid business reasons to embrace these new models, there is potential risk in implementation. Is this change necessary? If so, how can this change be accommodated effectively, safely? This session will cover some common elements of the risk of change - and of not changing - and suggest approaches to minimize risk as you adopt these new technologies.

Takeaways:

  1. The IT Landscape will continue to change leading to new processes, new technologies and new "standard" ways of doing IT business
  2. This changing Landscape will present security challenges where you will need to balance the "pain of same" vs the "pain of change
 

4:30 pm - 4:55 pm

Executive Exchange

 

Think Tank

Where is the Top Talent?

One of the major challenges for CISOs is finding top information security talent. However, look at 2019 as an opportunity to begin your search with universities and colleges that are expanding their cybersecurity programs due to the shortage of cybersecurity professionals. This session will also cover how to recruit and hire top cybersecurity talent.

Takeaways:

  1. Where to seek out the best cybersecurity talent
  2. The red flags to watch out for with incoming applicants
  3. The importance of focusing on retention

Think Tank

Preparing for the Inevitable

Employees are consumers of digital technologies such as IoT, AR and VR and the plethora of mobile devices has enabled them to work flexibly. This has raised the bar on employee expectations for tools and capabilities from their employers. In order for companies to retain the best and get the most out of their employees, it is vital to design and continually update the digital workplace. While defense is mandatory, preparing for that inevitable data breach is very critical for organizations' survival. 

Takeaways: 

  1. As the role of the CISO has evolved, senior leaders and board of directors are now becoming aware of the impact of data breaches to the organization and they look up to the CISO for guidance. 
  2. Cyber security responsibilities are also shifting and spreading as they are now part of Data Breach Response Teams. 
  3. Where do you start on data breach preparedness? Who should be involved in planning? How frequent do we need to test or do exercises? Do we involve government agencies? Do we get retainer services? Do we need to hire someone? How much money do we allocate?

 

5:00 pm - 5:20 pm

What's the Next Stop On the Transformation Journey?

Our Governing Board will summarize the learnings from the day and discuss the path forward for building an ongoing community of CISOs, where common issues can be addressed and success stories can be shared. 

Takeaways: 

  1. Building an ongoing community with your peers can be an invaluable resource for tackling the digital transformation projects ahead of you
  2. Sharing stories of success (and failures) is not reserved to a one-day CISO Summit, but should be shared on a regular basis with your peers
 

5:20 pm - 5:30 pm

Closing Remarks

 

5:30 pm - 7:00 pm

Summit Happy Hour

 

7:00 pm - 8:30 pm

Networking Dinner

 

8:30 pm - 10:00 pm

After Dinner Networking & Entertainment