Day 2 - 30 September 2021

09:30AM

(MDT)

Christy Riccardi

Director, Governance, Risk and Remediation | Information Security Office

Capital One

View Full Info

Todd Boehler

Senior VP, Strategy

ProcessUnity

Associated Talks:

09:30AM - Day 2

View Panel : Strong to the core – Security for digital transformation

View Full Info

Kurt John

Chief Cybersecurity Officer

Siemens USA

Associated Talks:

11:40AM - Day 1

View Cyber in the physical world

09:30AM - Day 2

View Panel : Strong to the core – Security for digital transformation

View Full Info

Sujeet Bambawale

Chief Information Security Officer

7-Eleven

Associated Talks:

09:30AM - Day 2

View Panel : Strong to the core – Security for digital transformation

View Full Info

Panel : Strong to the core – Security for digital transformation

  • Rebooting an outdated security strategy – how far should you go, and how can this help power digital transformation? 
  • Reducing risk from third parties as your organisation grows 
  • Identifying deficits in your strategy and incorporating into your risk management program 
Moderator: . Christy Riccardi, Director, Governance, Risk and Remediation | Information Security Office, Capital One
. Todd Boehler, Senior VP, Strategy, ProcessUnity
. Kurt John, Chief Cybersecurity Officer, Siemens USA
. Sujeet Bambawale, Chief Information Security Officer, 7-Eleven

10:10AM

(MDT)

Dr. Nataraj (Raj) Nagaratnam

IBM Fellow, CTO, Cloud Security

IBM Cloud

Associated Talks:

10:10AM - Day 1

View Cloud Speed or Security – Why not both?

01:10PM - Day 1

View Panel: Get out of my cloud! Preventing a data breach

View Full Info

Cloud Speed or Security – Why not both?

Businesses are adopting cloud to innovate at speed. However, when it comes to modernizing regulated workloads on the public clouds, enterprise security and compliance requirements are slowing them down. Can you achieve both – speed and security – when adopting cloud? Yes. In this keynote, we will discuss a five step prescriptive approach in achieving speed with agility. We will share our experiences from client engagements and differentiating capabilities in IBM Cloud.
Ideas:

  • What do you have to do to get ready for the future in terms of cloud security?
  • De-risking the cloud
  • Regulated industries — why CISOs are choosing IBM Cloud?
. Dr. Nataraj (Raj) Nagaratnam, IBM Fellow, CTO, Cloud Security, IBM Cloud

10:40AM

(MDT)

Steve Van Lare

VP of Engineering

Anjuna

Associated Talks:

10:40AM - Day 2

View How to Make the Public Cloud the Safest Place for Your Company Data

01:10PM - Day 1

View Panel: Get out of my cloud! Preventing a data breach

View Full Info

How to Make the Public Cloud the Safest Place for Your Company Data

  • 90% of CISOs say the public cloud can’t be trusted with sensitive data and workloads.  That fear costs   billions in computing costs and lost agility. New secure computing services arguably make the public cloud the safest place to compute, even   safer than on site data centers.
  •  This presentation will explore how new confidential computing   technology has launched an era of the   “private” public cloud.
  • We’ll discuss the “Confidential Cloud,” a secure environment across one or more clouds, and explore the   capabilities that come with it. No longer will you have to choose between staying competitive and   staying secure; with the right technology, you can move workloads to the cloud knowing your sensitive   data will be protected — at rest, in motion and in use.
. Steve Van Lare, VP of Engineering, Anjuna

11:00AM

(MDT)

Duncan Watkins

Principal Consultant

Forrester

View Full Info

Manish Gupta

Director, Global Cybersecurity Services

Starbucks

Associated Talks:

11:00AM - Day 2

View Fireside Chat: Access management & authentication – Ensuring digital trust

View Full Info

Fireside Chat: Access management & authentication – Ensuring digital trust

  • Addressing both ‘identity’ and ‘access’ – how have these definitions changed? 
  • How has moving online impacted the way we do business – using examples in healthcare, retail, finance and education? 
  • How to build identity-aware infrastructure without damaging user experience.
Moderator: . Duncan Watkins, Principal Consultant, Forrester
. Manish Gupta, Director, Global Cybersecurity Services, Starbucks

11:40AM

(MDT)

Palak Pahwa

Security Engineer II, GRC

Tinder

Associated Talks:

11:40AM - Day 2

View Tenets of successful security compliance

View Full Info

Shefali Shah

Security Manager, GRC

Tinder

Associated Talks:

11:40AM - Day 2

View Tenets of successful security compliance

View Full Info

Tenets of successful security compliance

  • Compliance management helps an organization plan, organize, control, and lead activities that ensure compliance with laws, regulations, and standards.  
  • We will cover a general overview of the ISO/IEC 27001:2013, an international information security standard which is recognized globally for managing security on a risk-based approach; its importance in the security world; and the ten management system clauses to support the implementation and maintenance of an Information Security Management System (ISMS) that meets multiple compliance requirements. 
. Palak Pahwa, Security Engineer II, GRC, Tinder
. Shefali Shah, Security Manager, GRC, Tinder

12:00PM

(MDT)

Manish Ahluwalia

Head of Customer Privacy & Security

Skyflow

Associated Talks:

12:00PM - Day 2

View Securing your databases is good. Securing your data is better.

View Full Info

Securing your databases is good. Securing your data is better.

  • When you have sensitive data, you need to protect it. But doing so indirectly by protecting your data storage, data pipelines, caches, backup, etc. etc. is a losing proposition
  • Instead consider tokenization.  We’ll talk about the benefits of tokenization and compare to encryption
  • However, you do not want to break applications and use-cases. We will talk about different kinds of tokenization and their pros & cons.
. Manish Ahluwalia, Head of Customer Privacy & Security, Skyflow

12:20PM

(MDT)

Christie Chaffee

Cloud Product Management Lead

JP Morgan Chase & Co.

Associated Talks:

12:20PM - Day 2

View Ready, set, build: product management essentials for a secure cloud

View Full Info

Ready, set, build: product management essentials for a secure cloud

  • How can you ensure your cloud products are both secure and user-friendly? 
  • Best practices for 3rd party management, backlog refinement and internal stakeholder management 
  • Creating security as a deep-rooted foundation 
. Christie Chaffee, Cloud Product Management Lead, JP Morgan Chase & Co.

12:40PM

(MDT)

Brian Halbach

Security Consultant

RedTeam Security

Associated Talks:

12:40PM - Day 2

View Hackers for Hire Reveal Attacker Secrets to Combat Threats

View Full Info

Hackers for Hire Reveal Attacker Secrets to Combat Threats

Cyber mercenaries show how an attacker would exploit a company to gain access to their network and data, the lifeblood of their business. Cloud environments are no exception. While they provide a relatively simple and reliable way for companies to host their services, the new infrastructure, and network dynamics come with unchartered attack paths and new security risks. In this session you will discover:

  • Why COVID-abandoned buildings bring new security risks
  • How future cybercriminals will optimize multiple attack vectors to access your Cloud environment
  • New defensive tactics to protect your organization from advanced emerging threats
. Brian Halbach, Security Consultant, RedTeam Security

01:00PM

(MDT)

Christy Riccardi

Director, Governance, Risk and Remediation | Information Security Office

Capital One

View Full Info

Nia Samir

Director Application Security and Forensics

Universal Music Group

Associated Talks:

01:00PM - Day 2

View Fireside Chat: Something you forgot? Building secure applications

View Full Info

Fireside Chat: Something you forgot? Building secure applications

  • What can organisations look at in their infrastructure to enable proactive defence?  
  • Mapping your attack surface – web, mobile and legacy 
  • The top application security vulnerabilities and how to combat them 
Moderator: . Christy Riccardi, Director, Governance, Risk and Remediation | Information Security Office, Capital One
. Nia Samir, Director Application Security and Forensics, Universal Music Group

01:30PM

End of Conference