CISO Think Tank

Digital transformation (DX) has become a catchphrase and trend in the corporate world:

As organizations try to find ways to remain competitive and create an enhanced experience for internal and external stakeholders, they must bridge the gap between business and technology.

This requires a collaborative effort between technology, people, and the business.

Technology needs to be understood as a critical enabler for every part of the organization.

It is far too easy for IT to get wrapped up in the new technologies that come across their desks regularly, or businesses to get caught up with the latest trends.

The combination of rogue insiders and external attackers makes SaaS application detection a massive pain point for enterprises, particularly within core business applications. External attackers leverage stolen credentials to impersonate an insider and connect to applications, while at the same time insiders are not sufficiently monitored. Such examples could include a fraudster’s takeover via social engineering, or incorrect implementation by an employee, or a doctor accessing celebrity patient medical data, or a salesperson downloading a report of all customers before switching to work for a competitor. Even after the enterprise receives a complaint or is otherwise suspicious, detection of these breaches usually consists of manual sifting through tons of log data from multiple sources. RevealSecurity’s CRO, Mark Fullbrook, will explore the growing challenge of SaaS application detection, explain why current detection solutions are usually ineffective, and share solutions using real customer examples.

• Digital transformation is no longer a buzzword, but a necessity for enterprises looking to stay competitive and meet evolving customer demands. However, CIOs and CISOs face several key challenges and roadblocks that delay the adoption of digital transformation initiatives. To overcome these challenges, enterprises need to focus on the key pillars that support any digital innovation and transformation.
• The key pillars that support digital innovation and transformation include IT infrastructure, applications, data, security, dexterity, resilience, user experience, leadership, culture, and partnerships.
• Enterprises that can effectively address these pillars can create a unified gateway for innovation, collaboration, and cohesive customer experience across the enterprise in the form of a digital workplace platform.
• A digital workplace platform can help improve end-user experience by boosting the use of AI, automation, self-service, and mobility. This platform can also improve satisfaction and productivity, while ensuring all required aspects of data risk and compliance are met to stay protected from all conventional and modern IT security threats. By adopting a digital workplace platform, enterprises can create value-based, robust, and agile single-window customer experiences across the enterprise value chain. Enterprises can save capital expenses, improve OpEx, reduce tickets per month, reduce the need for desk-side support, and significantly reduce the cost of endpoint devices, patching, application provisioning, and more.
• The future of IT for CIOs and CISOs lies in adopting a digital workplace platform that can help enterprises harness the power of a unified platform, reduce costs, improve end-user experience, and move towards a singular experience. Enterprises that embrace this digital transformation will be well-positioned to thrive in the new digital era.

The terms "Artificial Intelligence" and "Advanced Machine Learning" are often thought of interchangeably. While there is a relationship between AI and AML, to say they are the same thing is an oversimplification and misclassification. Rather, one begets the other with AI being the basic principle upon which AML is developed. As AI begins to mature and migrate away from purely advanced mathematical operations into decision making paradigms, AML steps forward as the predictive ability of machines to process vast quantities of data. As data and analytics becomes foundational to the way every business operates, AI and AML will become foundational capabilities.

The industry is spending record amounts on cybersecurity tooling, but somehow CISOs still are at times left scrambling to respond to the vulnerabilities like Log4j. Assuming that these types of critical and far-reaching events are inevitable, how can CISOs further improve their organization’s preparedness for future cyberattacks?

This panel will discuss potential strategies for determining the critical security controls - both technology and behavioral - that can minimize cyber-risks and give the organization the competitive advantage to grow and innovate. We will explore frameworks for measuring the efficacy of cybersecurity investments, and KPIs that show the board the investment is safeguarding the company's digital infrastructure for the long term.

All financial organizations have the challenge of providing the best customer experience possible, and 24/7 online service availability is essential to that experience. As an organization’s digital presence
expands, so does its exposure to DDoS threats. Traditional DDoS mitigation services were unable to block many DDoS attacks, and in 2022, there were record-breaking successful DDoS attacks against
financial organizations despite having leading DDoS mitigation services in place. In fact, threat actors know that many organizations are exposed because they rely on yesterday’s services and methodologies to combat modern DDoS threats. DDoS attack surface management is the only way to prevent successful DDoS attacks, however, some organizations have lagged in adopting a modern approach to tackle this threat and believe that their leading protection alone is enough; when attacked, they suffer significant losses and damages.

This panel will delve into today’s DDoS threat landscape, the dynamic nature and enormity of the attack surface, and the steps organizations should take in order to tackle the hundreds or thousands of hidden vulnerabilities in all layers of their DDoS protection and maximize their DDoS resilience while ensuring exceptional customer experience.

Given the rise in attacks, the growing sophistication of these incidents and the potential financial impact, having cyber insurance coverage has become critical for many organizations. Insurance premiums increased by an average of 28% in the first quarter of 2022 compared with the fourth quarter of 2021. If rates continue to climb and insurers offer more limited coverage, cyber insurance might become more and more difficult for many companies to afford or obtain. Out of those attacks, 81% of breaches involved stolen or weak credentials. To overcome any ransomware attack, companies are now depending more and more on Cyber Resilience Leadership. Learn what to do when ransomware hits, and how to recover quickly from difficulties, springing back into shape asap. 

Disruption alters, destroys, but also creates value. You realize the need to act once revenue starts to shift, which is happening at a faster pace than most would think. Disruption can be a great thing if you act upon it, but it is a threat if you watch idly. We will discuss how CIOs and CISOs can be proactive and act on disruption by figuring out how to identify, prioritize and respond.