Boston CISO Virtual Executive Summit

Don't miss this opportunity to meet with CISO practitioners and industry thought leaders who shared their insights on the agenda. Come with questions and get ready to meet new friends in this casual session designed to foster peer connections and collaboration in the Boston community. 

Meet virtually for in-depth conversations with your colleagues

Be among the first to see what’s new and next in the security solutions landscape. Three early-stage providers will get the chance to showcase their innovative solutions to the most pressing cybersecurity challenges.

Join this session to learn and explore

• Vulcan’s risk analytics and remediation orchestration
• Cycode’s DevOps Pipeline Security, Governance & Integrity
• Orca Security’s cloud security risk detection in your cloud environment

Software has never been more business-critical, and cyberattacks at the application layer have never been more frequent. Yet budgets are also getting extra scrutiny in recent months. Join this boardroom to learn how to make the case for application security, from why you need it to what good looks like. You will leave with actionable tips and advice on:

• Getting buy-in for AppSec
• Making the case to expand a program
• Communicating AppSec success to executives & more

Many third-party risks are identified after initial onboarding and due diligence, suggesting traditional methods in risk management policy fail to capture new and evolving risks. As these external partnerships become increasingly complex, the need for a new vendor risk management approach is clear.

Join this conversation to discuss:

• Establish business-driven methods for ongoing risk management analysis
• Partner across the C-Suite to establish organizational buy-in
• Strategies to employ an iterative approach to ongoing relationship management

CISOs say that what they need most in their security program is confidence that people, processes, and technology are working and effective, and that controls are in place to ensure resiliency in the case of a major event. But how do you measure that, and how do you effectively communicate across your organization’s leadership and the board?

In this discussion, you will learn:

• Why traditional metrics fall short of communicating security risk and value
• Which metrics have meaning for both boards and security teams
• How the right metrics will benefit the business and win investment for security

This is NOT your typical security conversation. We won’t be talking about how to play better "perimeter defense" at the end of your software supply chain. Instead, we will be talking about how to play better digital “innovation offense” as next-generation software supply chain attacks become more sinister with bad actors actively injecting malicious code into open source projects that feed the global software supply chain.

 Join us to discuss:

• The prevalence of software supply chain attacks with real-world examples such as dependency confusion and how to continuously identify and remediate open source risk, without slowing down innovation
• Ways to integrate security guardrails directly within your DevOps pipeline
• The importance of uniting developers, security, and operations on the same team

To overcome the cybersecurity talent shortage, CISOs must leverage talent management techniques. A strong program starts with a strong CISO, and a strong CISO needs a diverse network of peers to help them lead the way. How can security leaders work to build an inclusive workforce?

Join this session to discuss:

• Talent retention strategies and techniques
• Strategies to improve communication strategies when it comes to diversity and inclusion efforts
• Ways to drive awareness, foster a sense of belonging, and create lasting change
• How a diverse team can introduce innovative approaches