Day 2 - 30 September 2021

09:30AM

(PDT)

Christy Riccardi

Director, Governance, Risk and Remediation | Information Security Office

Capital One

View Full Info

Panel : Strong to the core – Security for digital transformation

  • Rebooting an outdated security strategy – how far should you go, and how can this help power digital transformation? 
  • Reducing risk from third parties as your organisation grows 
  • Identifying deficits in your strategy and incorporating into your risk management program 
Moderator: . Christy Riccardi, Director, Governance, Risk and Remediation | Information Security Office, Capital One

10:10AM

(PDT)

Cloud Speed or Security – Why not both?

Businesses are adopting cloud to innovate at speed. However, when it comes to modernizing regulated workloads on the public clouds, enterprise security and compliance requirements are slowing them down. Can you achieve both – speed and security – when adopting cloud? Yes. In this keynote, we will discuss a five step prescriptive approach in achieving speed with agility. We will share our experiences from client engagements and differentiating capabilities in IBM Cloud.
Ideas:

  • What do you have to do to get ready for the future in terms of cloud security?
  • De-risking the cloud
  • Regulated industries — why CISOs are choosing IBM Cloud?

10:40AM

(PDT)

How to Make the Public Cloud the Safest Place for Your Company Data

  • 90% of CISOs say the public cloud can’t be trusted with sensitive data and workloads.  That fear costs   billions in computing costs and lost agility. New secure computing services arguably make the public cloud the safest place to compute, even   safer than on site data centers.
  •  This presentation will explore how new confidential computing   technology has launched an era of the   “private” public cloud.
  • We’ll discuss the “Confidential Cloud,” a secure environment across one or more clouds, and explore the   capabilities that come with it. No longer will you have to choose between staying competitive and   staying secure; with the right technology, you can move workloads to the cloud knowing your sensitive   data will be protected — at rest, in motion and in use.

11:00AM

(PDT)

Manish Gupta

Director, Global Cybersecurity Services

Starbucks

Associated Talks:

11:00AM - Day 2

View Fireside Chat: Access management & authentication – Ensuring digital trust

View Full Info

Fireside Chat: Access management & authentication – Ensuring digital trust

  • Addressing both ‘identity’ and ‘access’ – how have these definitions changed? 
  • How has moving online impacted the way we do business – using examples in healthcare, retail, finance and education? 
  • How to build identity-aware infrastructure without damaging user experience.
. Manish Gupta, Director, Global Cybersecurity Services, Starbucks

11:40AM

(PDT)

Palak Pahwa

Security Engineer II, GRC

Tinder

Associated Talks:

11:40AM - Day 2

View Tenets of successful security compliance

View Full Info

Tenets of successful security compliance

  • Compliance management helps an organization plan, organize, control, and lead activities that ensure compliance with laws, regulations, and standards.  
  • We will cover a general overview of the ISO/IEC 27001:2013, an international information security standard which is recognized globally for managing security on a risk-based approach; its importance in the security world; and the ten management system clauses to support the implementation and maintenance of an Information Security Management System (ISMS) that meets multiple compliance requirements. 
. Palak Pahwa, Security Engineer II, GRC, Tinder

12:00PM

(PDT)

Securing your databases is good. Securing your data is better.

  • When you have sensitive data, you need to protect it. But doing so indirectly by protecting your data storage, data pipelines, caches, backup, etc. etc. is a losing proposition
  • Instead consider tokenization.  We’ll talk about the benefits of tokenization and compare to encryption
  • However, you do not want to break applications and use-cases. We will talk about different kinds of tokenization and their pros & cons.

12:20PM

(PDT)

Christie Chaffee

Cloud Product Management Lead

JP Morgan Chase & Co.

Associated Talks:

12:20PM - Day 2

View Ready, set, build: product management essentials for a secure cloud

View Full Info

Ready, set, build: product management essentials for a secure cloud

  • How can you ensure your cloud products are both secure and user-friendly? 
  • Best practices for 3rd party management, backlog refinement and internal stakeholder management 
  • Creating security as a deep-rooted foundation 
. Christie Chaffee, Cloud Product Management Lead, JP Morgan Chase & Co.

12:40PM

(PDT)

Hackers for Hire Reveal Attacker Secrets to Combat Threats

Cyber mercenaries show how an attacker would exploit a company to gain access to their network and data, the lifeblood of their business. Cloud environments are no exception. While they provide a relatively simple and reliable way for companies to host their services, the new infrastructure, and network dynamics come with unchartered attack paths and new security risks. In this session you will discover:

  • Why COVID-abandoned buildings bring new security risks
  • How future cybercriminals will optimize multiple attack vectors to access your Cloud environment
  • New defensive tactics to protect your organization from advanced emerging threats

01:00PM

(PDT)

Christy Riccardi

Director, Governance, Risk and Remediation | Information Security Office

Capital One

View Full Info

Fireside Chat: Something you forgot? Building secure applications

  • What can organisations look at in their infrastructure to enable proactive defence?  
  • Mapping your attack surface – web, mobile and legacy 
  • The top application security vulnerabilities and how to combat them 
Moderator: . Christy Riccardi, Director, Governance, Risk and Remediation | Information Security Office, Capital One

01:30PM

End of Conference