|Event Date||Thu Aug 19 EDT (in 19 days)|
Security Culture: Mental Models and Lessons Learned to Improve Your Culture and Decrease Your Company’s Risk
The business imperatives of digital transformation, DevOps, automation, and cloud create pressure for security teams to move faster to enable the speed of business. Doing it securely often creates tension with business units and development and product teams. Culture is one key tool that CISOs and security leaders can use to develop rapport with business peers, align teams, and reduce friction. In the session we’ll review an effective cybersecurity culture model, supported with examples of how innovative F500 companies tune their culture to enable rapid business scale. Talent acquisition tips and success metrics to share with your board will be covered so that attendees leave with simple actionable advice they can implement immediately.
Lunch and Learn – Defending Main Street: Redefining Defensive Cybersecurity Success with Military Strategy
Hacking operations have been embraced by nation-states and criminals alike the world over as an asymmetric but highly effective approach. While that original hacking model persists to this day, new models have emerged in which the power dynamics have actually flipped. Now, under-resourced small-to-medium sized and mid-market businesses find themselves under attack by profit-driven ransomware-as-a-service operators and other highly sophisticated threat actors.
This isn’t a hopeless security quandary; it's an opportunity for creative network defenders to embrace their inner strategist and defeat the imposing adversary's operation on their own terms. Mike Behrmann, Director of Security at Blumira and former threat analyst at National Security Agency, will cover:
• Practical strategies that can benefit small security teams without the luxury of enterprise-scale resources
• How to incorporate historical military lessons into a practical cybersecurity strategy
• Overcoming limitations of defensive security
Panel-Executive Order on Improving the Nation’s Cybersecurity: Making sense of What to do Next
Executive Order on Improving the Nation's Cybersecurity | The White House
This Executive Order signed in May 2021 applies to all federal information systems, and the vendors and software supply chains that support them. It covers cyber controls, incident reporting and incident response. How will organizations and federal entities work together to comply? How will this affect other private sector and public sector entities?
Join our panel discussion on what this means for these government entities, their critical infrastructure, and supply chain. In the possible absence of funding or well-defined instruction and requirements on implementation, organizations may need to overcome the challenges that our industry faces in making sense of it all. We will share insight and provide discussion surrounding some of the best practices that have been working well to date.
Cloud Security Strategist, AWS
Information Security Manager, Milwaukee County
CEO and founder, VigiTrust
Director of Security, Blumira
Security Executive in IFSEC's 2020 Global Influencers in Security in the Commercial Security