A C-level Guide to Zero Trust Implementation

CISO Council

November 30, 2022 - North America

Speakers

Brett James
Director, Transformation Strategy
Zscaler Inc

Council Speaker

IT infrastructure and security leader with 20 years' experience spanning operations across 6 continents. Prior to joining Zscaler, Brett led Bechtel's journey towards Zero Trust as the Manager, Cloud Architecture and Engineering. At Bechtel, Brett championed the local office breakout, VPN replacement and password-less implementations and led the infrastructure design of their Azure-based digital transformation application platform. Integrating platforms with advanced modern identity concepts is his specialty. Brett has enterprise management experience across a diverse range of technologies and disciplines, including PC and mobile technologies, unified communications, datacenter, LAN, WAN, identity and access management, APIs, enterprise architecture and cloud IaaS, PaaS and SaaS environments.
Erik Hart
CISO
Cushman & Wakefield Holdings

Council Speaker

Erik Hart oversees global information security for Cushman & Wakefield, one of the world’s largest privately held commercial real estate services firms. A recognized thought leader with more than 20 years of experience in providing information security and business continuity services to various industries and organizations, he also serves in an advisory role for numerous companies and organizations in the information security field, including Mimecast, CrowdStrike, Zscaler, InfraGard Chicago Members Alliance and Western Illinois University. Before joining Cushman & Wakefield in 2018, he served as CISO and Director of IT Risk Management for Zebra Technologies, a provider of mobile, logistics and point-of-sale technology and systems to retail, health care, transportation, manufacturing and other industries.
Uma Mahesh Reddy
CISO
Prime Healthcare Services

Council Speaker

CISO and Director of Telecommunications in the healthcare industry. Skilled in Healthcare Information Technology (HIT), Security, Management, Business Strategy, Vendor Management, Software development. Strong information technology professional with a Master's degree focused in Information Technology (Security) from Central Queensland University, Melbourne Campus.
Prabhath Karanth
Head of Security & Trust
TripActions

Council Speaker

Senior security leader with 15+ years of leading global, cross-functional teams across hyper-growth startups, Fortune 100 and Big 4 consulting firms. I am active in the security community and advise security startups to solve security and business problems at scale. I excel at prioritizing the needs of the customer and eliminating the friction caused by security tools and processes while formulating scalable, pragmatic security strategies to reduce risk and improve security posture. At TripActions my organization drives several defensive and offensive security disciplines and serves as the single voice for security both internally to employees and externally with customers.
Past:
- Served as a security leader at Adobe for 9+ years where I drove several security programs and initiatives to level up security as Adobe reinvented itself in the cloud to grow from $30B to $300B business
- Architect of Adobe Common Controls Framework. Championed the implementation of CCF across all Adobe cloud products, services, platforms and operations. CCF became the backbone of Adobe’s security & trust strategy, opened up global GTM opportunities and enabled Adobe to achieve compliance with various worldwide cloud security and privacy certifications
- Built a SWAT team of secops engineers & security TPMs to enforce security & ops best practices at scale for multi cloud via a companywide repeatable program through security automation
- Global leadership role around security policies, automation and cloud security. Built a team of leaders who embraced an agile mindset, and deeply engaged with 500+ product teams to ensure controls are baked into the product and feature development roadmaps
Specialities:
i) Compliance Frameworks - PCI, SOC1/SOC2/SOC3, SOX 404, HITRUST, HIPAA, FedRAMP, GDPR, CCPA, NIST 800-53, ISO27001, ISO 27701, SSPA, ISO 22301, ISMAP, IRAP, CAIQ, SIG, UK Cyber Essentials, Spanish ENS, FERPA etc.
ii) Security Maturity, Risk & Governance - NIST CSF, FAIR, ISO 27005, CMMI, COSO, COBIT, BSIMM, OpenSAMM
iii) Cloud Tech - AWS, Azure, GCP, Kubernetes, Hyper-Converged Infrastructure, CI/CD, Multi Cloud, Containers/Microservices Architecture, Cloud identity management
iv) Sec Ops/Eng - Web application security, cloud security, penetration testing, vulnerability scanning, threat hunting, Red/Blue/Purple teaming, enterprise security, Incident response/SOC, SOAR, Trust & Safety, shifting left security, EDR, email security, CSPM, encryption, authentication, authorization, access management, security architecture, disaster recovery, supply chain risk management etc.
Ben Halpert
CSO
Stealth Mode Startup

Council Speaker

Ben Halpert is a man on a mission: to educate and empower today’s digital citizens in the workplace, at schools, and at home. By day, he is the CISO at Groupon bringing his global experience in Risk Management, Cyber Security, Physical Security, Audit, Privacy, Compliance, and IT to benefit their merchants and customers. By night, he champions cyber ethics education throughout society via the 501(c)3 nonprofit Savvy Cyber Kids he founded in 2007. Ben is honored to speak and keynote at conferences and events worldwide. He has presented at the World Economic Forum, multiple times at the RSA Security Conference, InfoSec World Conference & SecureWorld events. Ben was invited to present at TEDxKids@Vilnius (Raising Savvy Cyber Kids) and TEDxSaintThomas (Technology addiction and what you can do about it). In addition, Ben has presented at IEEE, ACM, CSO50, CISO Summits, the Worth Safety & Security Summit and many other events over his career. Based on his early research and experience in the then emerging field of Cloud Computing, Ben was invited to publish Auditing Cloud Computing: A Security and Privacy Guide through John Wiley & Sons. Ben was a contributing author to Readings and Cases in the Management of Information Security and the Encyclopedia of Information Ethics & Security, wrote the security column for Mobile Enterprise Magazine and has contributed to seven NIST special publications. Through Savvy Cyber Kids, Ben provides cyber ethics educational and awareness sessions for parents, teachers, and students – from preschool through high school. Ben is the award-winning author of The Savvy Cyber Kids at Home children’s book series (The Family Gets a Computer, The Defeat of the Cyber Bully, and Adventures Beyond the Screen). 
As a trusted voice on a variety of cyber security issues, Ben has made numerous TV and radio appearances and has been featured in newspapers and magazines such as The New York Times, Wired, BBC, Kilinger, Good Morning America, Good Day Atlanta, CNN HLN, Fox News, RogersTV, RTVI, 11 Alive, WSB-TV, among others.
John Scrimsher
CISO
Kontoor Brands Inc

Council Speaker

Headquartered in Greensboro, North Carolina, Kontoor Brands is an American clothing company. The company markets denim clothing under the Lee, Wrangler and Rock & Republic brand names.

Agenda

All times Eastern Time
3:00 PM-4:15 PM
A C-level Guide to Zero Trust Implementation
Moving to zero trust is a major step in any organization’s digital transformation. In the past year since Executive Order 14028 was signed, implementing a data-centric approach to enterprise operations and risk management has become a top priority across industries nationwide. It’s up to CIOs and CISOs to lead the executive and strategic planning requirements for designing zero trust throughout the enterprise, and to stay abreast of how it will affect other business transformation initiatives. Join the discussion to learn more about:
- The keys to implementing zero trust as a service
- How to position zero trust to other C-level executives and the board
- Ensuring the right competencies and workflows are in place to achieve success
Panelists
Brett James
Director, Transformation Strategy
Zscaler Inc
Erik Hart
CISO
Cushman & Wakefield Holdings
Uma Mahesh Reddy
CISO
Prime Healthcare Services
John Scrimsher
CISO
Kontoor Brands Inc
Prabhath Karanth
Head of Security & Trust
TripActions
