Southern California CISO Executive Summit

Governing Body members host this dinner for attendees to launch the event with an evening of peer networking.

Third parties expose businesses to strategic, operational, financial, and compliance risks. Moreover, leaders have less visibility into third parties than into their own businesses. For many organizations, the pandemic exposed the fragility of the organization’s third-party network and impressed the need to flex quickly to new third and fourth parties in the extended enterprise to meet demand without increasing risk exposure.

Join this session to discuss:

• Standardizing third-party risk management assessments to be used by business units
• Maintaining visibility of all ongoing third-party relationships
• Identifying and mitigating the risks of the third-party network

The CIO and CISO roles are evolving to become better leaders for the business. The key to success does not just fall on the shoulders of the CIO and CISO, it is working collaboratively across the C-suite that will garner real growth. Learn how these two C-Suite executives use communication challenges and conflicting paths to their advantage.

Join this session to discuss:

• What leadership and the business require to build a strong organizational culture
• Why being an enabler versus a barrier are the keys to success
• How to successfully juggle business alignment and keep the company secure

As business and technology teams drive cloud adoption and implement modern application architectures, the security vulnerabilities of the sprawling IT stack multiply as visibility dwindles. Now is the time to explore new applications and API security strategies to proactively reduce risk, secure the environment, and capitalize on cloud-native capabilities to meet these challenges.

Join this boardroom to discuss:

• Managing the lifecycle of API risks
• Defending against API attacks
• Developer-led API security practices

Many organizations are challenged with implementing their security programs across widely distributed infrastructure, using an array of tools while often sharing responsibility and control with their service providers. So how can they best maintain visibility into those environments, detect malicious activity and orchestrate effective, business wide, responses? Or perhaps even eliminate much of the noise in that process by identifying and reducing their exposure and risk proactively?

Join this interactive boardroom to discuss:

• Key industry advances in open interconnectivity of tools and data sources
• How overall exposure and risk can be better managed
• Improving the efficiency and effectiveness of threat management programs to allow security teams to focus on the what’s most important

Digital transformation is a powerful business enabler that is compelling leaders to fundamentally change their technology ecosystems. The potential of technology to unlock value and drive progress has never been greater and the imperative to transform your business, securely, has never been more urgent. With data, users, and devices everywhere, how can CISOs reimagine cybersecurity in a world without boundaries?

Join this keynote to hear strategies on:

• Accelerating transformation with innovative security services, and communicating their value to the business
• Scaling and simplifying security across the organization, minimizing risk and gaining agility
• Protecting today's cloud-first, hybrid workforce with a proactive, intelligent, and radically simple security architecture

Building applications in the cloud and running your business on cloud native architectures is a constant evolution that requires a new approach to security. How does a security organization partner with cloud engineering, DevOps teams, and developers to secure their applications?

Join this session to learn:

• How to maintain visibility across a dynamic, potentially multi-cloud attack surface
• Achieving and maintaining compliance at scale
• Responses to critical risks and constant cloud evolution

Under the new reporting rules, cybersecurity is now mission-critical for senior executives and boards of directors. The opacity of cyber risk will no longer be acceptable. We are now entering a new era —one in which governments and regulatory agencies have more oversight of cybersecurity incidents.

Join this session to discuss:

• How to prepare your board
• What the impacts of the new SEC ruling will have
• How can CISOs protect themselves from liability

Companies are increasingly dependent on vast networks of third parties which makes it difficult to monitor the level of exposure these risks pose to the organization. Perfect monitoring of all third parties, especially at global scale is impossible with limited resources. However, a proper third-party risk management program can be the life-saving measure your business needs when your partners are under attack.

Join this session to discuss:

• Prioritizing your vendor inventory for assessment
• Leveraging automation for calculating risk and streamlining the review process
• Expanding third-party risk conversations beyond cybersecurity

Zero Trust adoption spiked in 2020 as organizations scrambled to solve an unprecedented remote access challenge. Now, looking ahead, enterprises are faced with the conundrum of staying fully remote, returning full-time to the workplace, or more likely landing somewhere in between. But not all Zero Trust solutions are created equal, and many are ill-suited to address a range of use cases or environments.

Join this roundtable discussion to:

• Understand the limitations of remote access-only solutions
• Explore a wide variety of use cases that can be addressed by Zero Trust
• Learn best practices for transitioning to Zero Trust from a legacy solution

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

Today’s SOC is laser-focused on accelerating capabilities. This approach has lead toward rock-solid building blocks in automation, integration, and context. But the best storytellers and decision makers in the equation are the people. While some might still hold out for the completely autonomous SOC, the SOC of the future leverages technology to better enable analysts to do the critical thinking and problem solving they do best.

Join Brett Cumming, Global Information Security Leader at Skechers and Tyler Fornes, Principal Solutions Architect at Expel to:

• Explore the shift from reactive to proactive security response strategies, using context to make more informed, real-time decisions
• Examine the role of automation in helping analysts make smarter, better informed decisions in the face of cyber threats
• Hear real-world examples of how core security functions can come together to harden defenses and thwart attacks

A CISO's worst nightmare is when a cyberattack under their watch becomes headline news. The initial signs of a security incident are rarely black and white. The first questions CISOs must ask are “Who does this impact?” and “How should I respond?” Security teams must understand the nature and scope of the incident to identify the best course of action.

Join this session to discuss:

• How to identify the significance and impact of the incident
• What plan you should already have in place
• How to pinpoint who needs to receive communication immediately

After years of being perceived as a nice cybersecurity concept but lacking practical implementation, Zero Trust has gained tremendous momentum in the industry with many organizations budgeting for and kicking off various Zero Trust initiatives. To realize the full benefit of Zero Trust, CISOs must carefully plan the processes to support Zero Trust initiatives, identify the right solutions and services, as well as set right expectations with all stake holders.

Join your peers to discuss:

• Business benefits and misconceptions of Zero Trust
• Common pitfalls when implementing Zero Trust
• Setting practical and realistic expectations/milestones

The cost of cyber insurance is skyrocketing. In response to a string of high-profile attacks, record-setting ransomware numbers and government regulations, insurers are being forced to significantly increase premiums for cyber coverage. It’s not matter of “if”, it’s a matter of “when” (or even “when again?”) you’ll need protection from cyber insurance carriers.

Join this boardroom hosted by Mimecast to discuss:

• Strategies to understand and quantify your firm’s risk and threat profile
• Techniques to demonstrably reduce your attack surface and enhance your ecosystem of controls
• Methods to communicate your program’s effectiveness in order to maximize cyber insurance coverage

Companies with greater diversity are more profitable, more socially responsible, and provide more well-rounded perspectives. So why is it that there are so few women in the C-suite?  Today, CISOs have a great opportunity to change the narrative by becoming a sponsor and advocate for the advancement of women.

Join this session to learn:

• Why having women in the C-Suite is so impactful?
• What is the difference between mentor and sponsor
• How CISOs play a critical role in advocating for women leaders