San Francisco CISO Executive Summit

Tabletop exercises, wargaming sessions, etc. — whatever you call them, security leaders are no strangers to using interactive role-playing to practice incident response scenarios with stakeholders. But there's so much more to learn from the wide world of tabletop roleplaying games (TTRPGs).

Dr. Timm Woods, an expert on the role of TTRPGs in business and educational contexts, joins us to share practical insights learned from hundreds of hours as a professional Game Master, including:

• Fostering a team environment that authentically encourages innovation, trial and even error
• Using the power of storytelling to make intangible concepts feel as real as life and death
• Working with (not against) the fast-paced and unpredictable nature of security (and games) to embrace a more improvisational leadership style

With its new cyber rules, the SEC made clear that it expects more transparency from senior executives and board directors of public companies around cyber risk. Other things – like a definitive determination on what is “material” and potential increased personal liability for CISOs – remain a little less clear, however.

Join this session to participate in an open discussion about:

• Board-level oversight of cybersecurity
• C-Suite liability and information security risk
• Relevant cases, proposed policies and procedures

In today’s rapidly evolving security landscape, security programs must possess three indispensable capabilities to be truly effective: speed, scale, and flexibility. But to get to that ideal state, CISOs must overcome a bevy of obstacles, like legacy tools that are continuously breaking and homegrown systems that are challenging to maintain.

In this session we will discuss:

• Building a scalable infrastructure by exploring tools, processes and skills
• Challenges with current SecOps frameworks and ideas for more modern approaches
• Solutions for high volume cloud log sources while keeping budget in check

Managing cyber risk across an enterprise IT infrastructure has never been harder. Remote workers, advancing attack methods, and an ever-expanding vendor network are challenging every firm, as total visibility into threats has become nearly impossible. As digital business strategy matures, more organizations are becoming dependent on the cyber posture and protection of third parties. Third-party risks present a unique challenge because you are depending on vendors and partners to operate securely to keep your data and information safe. How are you mitigating the associated risks and demonstrating this to the business to ensure effective security programs?

Join our session to hear about:

• Common failings across TPRM programs that led to breach events
• How executives can provide strategic direction for third-party risk teams
• Key practices being implemented by leading vendor risk firms to maintain strong supply chain risk management

While the number of women in technology roles is growing, there's one area where the gender disparity is still very noticeable — right at the very top. Women in working IT, security and risk management still face more barriers to career advancement than their male counterparts, particularly when it comes to getting to the "Chief" title and level of authority.

In this session, women in the Bay Area technology community who've reached the "chief" level (and beyond) in their organizations will share some key moments in their career journeys, then we'll transition to more open discussion. Come prepared to share your perspective and forge new connections!

Access will be reserved for, but not limited to, women who are leading the IT, security and/or risk functions at their organizations (CISO, etc. or equivalent) and women reporting directly to these heads of function. Male allies and others are welcome as space allows.

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

Many organizations today still purely focus on hardening systems and networks against an intrusion, aka “Prevention Focus.” This approach can result in a lack of focus on how an organization’s security solutions, people and procedures would support responding to a security incident if it were to occur. Would you be surprised to know that many victim organizations had the capabilities to detect these intrusions, but they weren’t enabled?

Join this session to discuss:

• Assessing third-party frameworks
• Articulating an organization’s ability to employ counter measures
• Identifying threat actors within their current organizational environment

Today's varied threat landscape features both foreign and domestic security concerns that could stop or delay business. With so many avenues for malicious actors, how should CISOs be prioritizing their resources to improve resiliency?

Join this open discussion with a cybersecurity expert from the FBI's San Francisco field office to discover and discuss:

• The latest cyber threats both already here and on the horizon
• Strategies for addressing the emerging threat landscape
• Best practices of working with law enforcement before, during and after a breach

Given today’s dynamic threat landscape, involving constantly changing malicious TTPs, CISOs must have a proactive threat management strategy to handle complex attacks. However, with widely distributed infrastructures and the number of tools with different levels of control and responsibility, maintaining true visibility is difficult. Staffing shortages and the high volume of alerts that come in from fragmented tools adds to this challenge. The solution? Unifying the analyst experience to connect existing tools and workflows across your hybrid cloud environment.

Join this session to discuss:

• Detecting and responding to advanced attacks like ransomware
• Unifying the analyst experience with AI and machine learning - starting with understanding your attack surface and through EDR/XDR, SIEM, SOAR
• Identifying blind spots in your cloud security strategy due to information fragmentation

Organizations worldwide are being faced with multistage attacks such as BEC, ransomware, and supply chain, that happen with the same basic steps in the same sequence. It’s been a decade since defenders began referring to this as the attack chain, but the attacks continue to successful with the same tactics, from phishing to Active Directory abuse to data exfiltration. So how do we finally turn the tables on adversaries, and take away what they depend across the attack chain?

Join this interactive roundtable as CISOs discuss:

• Understanding the evolving nature of initial compromises
• The art and science of preventing small compromises from becoming big incidents
• Reducing your team's workload by using the attack chain to prioritize controls