BrightTALK Originals: CISO Insights

As the United States enters a new phase in Covid-19 response, how are businesses and governments responding? What lessons have been learned, and what next steps are organizations taking? How can technology and cybersecurity mistakes be avoided?

Join this webinar for the latest coronavirus playbook roundup and recommendations on how to address the next phase of the outbreak. Learn the scope of the unprecedented challenges organizations are currently facing. Hear from industry leaders on how they are addressing the COVID-19 security and technology challenges.

By popular demand, this webinar is a follow-up to the immensely successful BrightTALK session held on March 13 at the beginning of this emergency. That webcast (link in Attachments): Coronavirus Actions and Risks for Tech and Security Leaders, was viewed thousands of times, and numerous attendees asked for this update.

Topics will include:
- Policy, technology and process steps to take today to protect your workforce and organization.
- Lessons learned from more staff working from home (telework)?
- What mistakes can be avoided as staff prepare to go back to offices –and how?

We will close with a Q/A session with the audience.

Speakers:
- Dan Lohrmann, Chief Security Officer & Chief Strategist at Security Mentor Inc.
- Earl Duby, CISO at Lear Corporation
- Vinod Brahmapuram, CISO at State of Washington Government
- Scott Larsen, CISO of a large healthcare provider

By popular demand, this CISO Insights webinar is a follow-up to the immensely successful sessions held in March and May. The webcasts (links in Attachments): "Coronavirus Actions and Risks for Tech and Security Leaders" & "Back to the Office – Or Not? Next Steps in Pandemic Technology Response" were viewed thousands of times, and numerous attendees asked for this update.

Join this roundtable discussion to learn more about:
- Back to the office timing, decisions, strategies and tactics on the ground
- Quick Sector updates for government, manufacturing and healthcare
- Unemployment fraud
- Noticeable spike in phishing in June (related to civil unrest/Anonymous?)
- Team chemistry through the lockdown (how has onboarding been)
- Revenue loss impact on teams (downsizing? How has off-boarding been accomplished?)
- Overall CISO mental health through the quarantine and civil unrest

Speakers:
- Dan Lohrmann, CSO & Chief Strategist, Security Mentor, Inc.
- Earl Duby, CISO, Lear Corporation
- Vinod Brahmapuram, CISO, State of Washington
- Scott Larsen, CISO, Large healthcare provider

By popular demand, the CISO Insights series is back in October for National Cyber Security Awareness Month with a new episode on securing connected devices.

Join this interactive Q&A discussion with CISOs to learn more about:
- Why connected devices are a popular target for attackers
- Steps for easy cyber hygiene at home and at work
- Building a security culture together
- CISO recommendations & best practices

Speakers:
- Dan Lohrmann, CSO & Chief Strategist, Security Mentor, Inc.
- Earl Duby, CISO, Lear Corporation
- Keith Hollender, former CISO; Partner, Global Cybersecurity Practice Lead at MorganFranklin Consulting
- Adam Ford, CISO of Illinois

This panel is part of National Cyber Security Awareness Month (NCSAM) 2020.

We welcome and encourage audience participation and questions.

The 2020 elections in the U.S. have been historic in numerous ways. With more email-in voting than ever before and very close results for the U.S. President and Congressional races, there is plenty to discuss about security.

Was there voter fraud? Were the people, process and technology changes sufficient in states? How can we rebuild trust in elections? What is the future of voting in America?

Join us for this interactive discussion with audience Q/A.

This panel is part of the CISO Insights original series on BrightTALK with hosts Dan Lohrmann & Earl Duby. We encourage audience questions and participation.

Every year top security companies, industry thought-leaders, and tech media publications come out with their predictions for the upcoming year, and every year Dan Lohrmann publishes his roundup of these security industry reports, forecasts, themes and trends.

This BrightTalk webinar will dig into the 2021 prediction report in detail.

In addition to counting down (and referencing) the top 21 security prediction reports from the leading vendors, this webinar will examine:
- Where is their agreement on what’s coming next?
- Where is their major disagreement?
- Where will cyberattacks come from next?
- Which vendors have the best reports (and why)?
- Who are the award-winners for most creative, most likely, most scary and other security industry predictions?

We'll discuss security and tech predictions on Covid-19 and working from home as well as major security incidents such as attacks on global events (like the 2021 Olympics), cyber incident response and much, much more.

We will take your questions at the end, and may even ask you to vote for your favorite predictions (or offer one of your own to share.) Join us now!

According to the 2021 Gartner CIO Survey, 64% of employees are now able to work from home, and two-fifths are working from home. As more companies adopt a permanent hybrid workforce, it’s a constant challenge for CISOs to keep remote workers secure and ensure secure remote access.

So what are the main problems faced by CISOs today, and what tools are needed to navigate these risks? Hear from industry leaders on how they’re adapting their security strategies and learn more about how the CISO role has evolved over the last few years.

Join security experts across the industry as they discuss:

- What are the key security strategies and solutions to focus on
- Why connected devices are a popular target for attackers
- Steps for easy cyber hygiene at home and at work
- CISO recommendations & best practices
- What the next year has in store for security professionals

Speakers:
- Dan Lohrmann, Chief Strategist & CSO at Security Mentor
- Earl Duby, Vice President and CISO at Lear Corporation
- Endré Jarraux Walls, EVP, Chief Information Security Officer at Customers Bank
- Devin Krugly, Practice Advisor of Vulnerability Risk Management at Rapid7

SASE, or Secure Access Service Edge, is quickly growing to be the next big thing. 40% of enterprises will consider SASE adoption by 2024, compared with the 1% in 2018, according to Gartner. As more organizations adopt cloud to accommodate remote work, a Zero-Trust approach becomes essential. Workers need quick, reliable, and secure access to their SaaS applications and digital services, and SASE is here to help.

As organizations and industry professionals start looking at SASE and what it can do for their business, it's important to get the facts straight. Join this webinar to learn what SASE can do for your network security, and what the future of SASE looks like.

Join security experts as they discuss:

- What SASE is
- Why SASE has exploded in the network security space
- Strategic insights into how best to implement SASE
- Trends driving SASE growth and what they mean for the future

Speakers:
- Dan Lohrmann, CSO at Security Mentor
- Earl Duby, CISO at Lear Corporation
- Sinan Eren, VP Zero Trust Access at Barracuda
- Jack Miller, Head of Global Professional Services at Menlo Security

Although cloud has become a foundation for many organisations, some still struggle to optimise their cloud security. Gartner predicts that through 2020, 95% of cloud security failures will be the customer's fault. In 2020, companies struggled to accommodate the shift to remote work with fast-tracked digital transformation initiatives, leaving themselves vulnerable to cyber attacks. How can today’s CISO mend the gaps and create a foolproof cloud security strategy?

Today’s CISO needs to adapt to the growth of cloud users, manage cloud access and identity while continuing to monitor for threats, and more. Join this webinar to learn about key cloud security considerations CISOs should keep in mind as they secure their organisation’s transition to the cloud.

Tune in to learn more about:

-Top security strategies and solutions to consider
-Biggest cloud security challenges of 2021 and beyond
-Adopting a risk management framework
-Challenges in managing cloud access and identities
-Regulatory considerations and cloud privacy

Speakers:
- Dan Lohrmann, Field CISO - Public Sector at Presidio
- Earl Duby, CISO - Lear Corporation
- Chris Hill, RVP Public Cloud & Alliances at Barracuda
- Daniel Cohen, Vice President Cloud Services at Radware

Security threats are continuing to shape shift and evolve. At the same time, organizations are looking at the latest ways to streamline their operations as remote working begins to change into a hybrid working model. As a result, the CISO’s role is more demanding than ever. With Gartner predicting that nearly a third of workers worldwide will be working in a remote or hybrid setting in 2022, it’s essential that security leaders are fully up to date about the security risks facing new iterations of the workspace.

Join this episode of CISO Insights as we welcome Dan Lohrmann and dive into his security predictions for the year ahead. We’ll be discussing security and tech predictions on the continuation of the hybrid and remote workforce, how businesses can arm themselves against major security incidents, and more. This webinar will dig into Dan Lohrmann’s 2022 prediction report and cover upcoming security industry reports, forecasts, themes, and trends.

Join us to learn:
- What the dominant security trends are that can help prepare CISOs for the new iteration of the workplace
- What security leaders are in agreement and disagreement about regarding possible threats
- Must-read reports that can help CISOs get ahead of 2022 risks
- And more

Speakers:
- Dan Lohrmann, Field CISO, Public Sector at Presidio
- Earl Duby, CISO at Lear Corporation
- Chris Stefan, Global Advisory CISO at Stefan & Associates
- Aleksandr Zhuk, CISO at SFOX

Cyber security breaches are becoming increasingly more public and costly affairs, leading organizations to pay a closer look at their current and future security postures. With Gartner predicting worldwide IT spending to grow by 5.3% in 2022, it’s clear that organizations are looking for ways to optimize their resiliency roadmaps with new strategies and investments. As ever, it helps to hear from those who have been there, done that and who can share insights into overcoming cyber breaches.

In this episode of CISO Insights, we’ll be doing just that, as well as delving into Dan Lohrmann’s newest book, ‘Cyber Mayday and the Day After’, and exploring how organizations can handle cybersecurity incidents before, during, and after they happen.

Join us to hear:
- What leaders wish they'd known before a cyber attack and how they prepare for future situations now
- Where leaders see cyber security heading and what challenges lie ahead
- How to communicate and collaborate with vendors and partner to implement your crisis response
- How to maintain public trust in your firm, and the importance of executive-level media responses
- And more

Speakers:
- Dan Lohrmann Field CISO Public Sector at Presidio
- Earl Duby CISO at Lear Corporation
- Richard Meeus, Director of Security Technology and Strategy EMEA at Akamai
- Sammy Migues, Product Management Sr. Director at Synopsys

As organizations are looking for ways to stay on top of an evolving threatscape, many are
looking towards AI to enhance their security strategies and fend off cyber attacks before they
happen. In the 2022 CIO and Technology Executive Survey by Gartner, 66% of respondents
reported that they expected to increase cyber and information security investments for the
next year. More than half of respondents reported that they planned to heavily invest in
business intelligence and data analytics.

However some security leaders are cautious about adding artificial intelligence into their
security arsenal. Despite rapid advancements in AI, these solutions can also come with their
own unique set of drawbacks. Some skeptics say that AI technology is still immature and
that there may be simpler, more cost-effective solutions. With all the interest surrounding AI
in cybersecurity, it’s important for organisations to establish realistic expectations.

Join this panel to learn more about:
- The current state of AI in security
- What CISOs and their teams should keep in mind about AI
- How AI impacts your workforce strategy
- And more!

Speakers:
- Dan Lohrmann, Field CISO at Presidio
- Earl Duby, CISO at Lear Corporation
- Aidan Walden, Director, Public Cloud Architecture & Engineering at Fortinet
- Warsamé Ahmed, Co-Founder & CEO at BR[AI|YT.ai

In 2021, businesses spent on average $1.85 million recovering from ransomware attacks, according to Sophos “State of Ransomware 2021”. Ransomware damages are costly, and now increasing attacks are forcing security leaders to re-evaluate their backup and recovery processes. However, there’s an even bigger disrupter to disaster recovery processes: cloud technology, which is changing the way data is protected and how people need to prepare for recovery.

Cloud-based business continuity and disaster recovery have long been hailed as a cost effective, accessible, and safe option for organisations looking to achieve operational resiliency. With increasing cyber attacks, supply chain difficulties, and natural disasters, organizations need to take a deeper look into how Cloud can impact their backup management and disaster recovery plan.

In this episode, we’ll be looking at how organizations can effectively protect themselves in the age of Cloud.

Join us to learn:
- How Cloud technology has evolved and impacted security leaders’ disaster recovery and business continuity plans over the past 18 months
- Differences between disaster recovery in cloud computing versus traditional disaster recovery
- Deciding between on-premise data centers or a migration to cloud and how to incorporate Cloud into your disaster recovery plans
- And more!

Just as it takes a village to raise a child, it takes every employee to keep an organization safe. Whilst security teams draft up cloud security solutions and invest in threat detection technology, this won’t prevent employees from being coaxed into buying hundreds of dollars worth of gift cards that their boss requested from a supposed personal email.

With Verizon's 2021 Data Breach Investigations Report finding that 96% of phishing attacks arrive by emails, employees need to be aware of basic cybersecurity best practices in daily life to help promote an active cybersecurity culture within the organization. Creating a cybersecurity culture in the workplace is an ongoing goal that improves not only the organization’s security posture but also employee communication and teamwork.

Along with discussing how cybersecurity teams can collaborate with employees through user awareness training to establish and promote cybersecurity policies and guidelines, this episode of CISO Insights will cover:
- What it means to create a culture of cybersecurity in the workplace
- Best practices to keep in mind when creating and managing cybersecurity culture in the workplace
- Incorporating user awareness training and cyber hygiene in daily workday whilst overcoming employee reluctance against mandatory security training

According to The Life and Times of Cybersecurity Professionals 2021 report by the Information Security Systems Association, the ongoing cybersecurity skills crisis has steadily continued for over five years. Organizations are consistently on the prowl for talented cybersecurity professionals to combat increasingly prevalent and sophisticated cyber attacks. However, is hiring the “best fit” the only option organizations have to address the ongoing cybersecurity skills shortage?

After working alongside the constant cybersecurity skills shortage, CISOs understand that only looking to hire talent won’t cure the longstanding problem. So how are security executives addressing the growing need for cybersecurity skills? Join Hosts Dan and Earl with guests as they take a deeper look into the cybersecurity skills shortage and:

- Innovative new strategies organizations are utilizing to tackle the cybersecurity skill shortage from integrated security architectures to partnerships with third party services or vendors
- Investing in IT and security staff through cybersecurity training
- Embracing automation and analytics to streamline security processes

"If there has been a single dominant topic of discussion in 2023, it has to be the rapid rise of generative AI. New developments in the technology have drawn mass attention and it seems like everyone is trying to figure out how best to deploy generative AI in their own organizations. This presents a great opportunity to optimize existing machine learning efforts and automate operations even further – but it also opens the door to dangerous gaps in governance. Without the right protocols, companies can become vulnerable to a host of problems, from data loss and increased attack surface area to copyright issues and misinformation.

The technology is so new that many organizations won’t yet have clear policies in place around the use of generative AI. And while there are licensed, regulated generative AI tools available, many people are currently using the vast array of free apps that have not been scrutinized from a compliance standpoint. How can teams take advantage of these new opportunities created by generative AI, while maintaining their standards of security and governance? How can teams protect themselves from the risks of shadow IT and create clear governance policies?

Tune into this latest episode of CISO Insights to hear Dan Lohrmann, Earl Duby and guest experts discuss how to govern data and balance the dual threat and opportunity of generative AI.