New York CISO Executive Summit

Ransomware attacks continue to evolve and recent geopolitical tensions have given rise to a new wave of Ransomware splinter groups. Successfully handling a ransomware attack requires skillful orchestration between multiple elements, including strategic negotiations. 

Meet and hear directly from a professional negotiator, who has dealt with some of the most sophisticated threat groups in the world and has an intimate understanding of how they think and operate. 

Join this session hosted by Sygnia and discover:

• A real-world case study of a heavyweight ransomware attack through the supply chain.
• The importance of integrating strategic negotiation into your overall response effort. 
• Key insights from helping hundreds of organizations defeat ransomware attacks through effective response and preparedness.

Organizations are held responsible for the actions of suppliers, vendors, and partners in addition to their own internal activities. Knowledge and understanding of supplier and third-party risk is of the utmost importance. CISOs must know their business well enough to understand where risks may materialize and employ processes to detect them, all while keeping the process simple and consistent.

Join this session to discuss:

• Creating a practical, easy to maintain, third-party assessment process
• Using risk profiles to make decisions on vendor selections
• Building trust and awareness internally and doing due diligence before you acquire new tech

Securing sensitive data should occur in conjunction with your broader data privacy and protection program. CISOs must understand where sensitive data is stored, as well as when and how it’s being accessed. It is important for security leaders to integrate data security with data privacy requirements when building insider threat programs.

Join this session to discuss: 

• When/how to involve the privacy team when planning an implementation
• Privacy team as a partner to the information security team
• Global considerations and privacy laws and regulations around the globe

Sometimes, cloud can seem like a "one size fits none" type of hurdle. One thing is certain, however — as the cloud landscape continues to evolve, so too should a CISO's security strategies.

Join this boardroom to:

• Gather practical takeaways and cloud solutions from your peers
• Explore solutions to current and future cloud security issues
• Gain feedback on your organization's cloud priorities

To quantify how they are reducing risk for the business and where to strategically invest, security leaders need effective, actionable metrics. These measures are essential to communicating effectively with the Board and other executive stakeholders.

Join this roundtable discussion to gain insight into how your peers are:

• Making informed investment decisions
• Communicating risk to the business at large
• Using data to tell a story to non-technical audiences

As business and technology teams drive cloud adoption and implement modern application architectures, the security vulnerabilities of the sprawling IT stack multiply as visibility dwindles. Now is the time to explore new applications and API security strategies to proactively reduce risk, secure the environment, and capitalize on cloud-native capabilities to meet these challenges.

Join this boardroom to discuss

• Establishing effective vulnerability management and application security programs
• Moving from a reactive to a proactive security posture
• API governance and security challenges and opportunities

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

Managing distributed risk is today’s defining cybersecurity challenge. Mitigation of zero-day vulnerabilities is critical as adversaries exploit supply chain entities. This session explores how to identify all third parties impacted by zero-day vulnerabilities and guide their mitigation efforts. Your vendor, supplier, and partner ecosystem is now your enterprise attack surface.

Join this session to learn:

• How to manage distributed risk associated with hundreds and even thousands of vendors, suppliers, and partners
• Approaches to identify, prioritize, and mitigate active threats and critical/zero-day vulnerabilities
• Strategies to reduce supply chain/external ecosystem risk associated with zero-day

The truth is, there's not one. The phenomenon that is the Great Resignation, and the worries that surround it - talent and skills shortages, hiring and retention dilemmas, etc. - all have left CISOs scratching their heads looking for a solution. In this interactive session, you'll join CISOs that might be thinking similarly (or differently) about the daily scenarios you face when navigating through the Great Resignation.

Join this interactive session in small groups to debate and collaborate on team building scenarios including: 

• Keeping the right people – thinking beyond just retention 

• Mentoring a multigenerational workforce – creating operational excellence

• Exploring employee potential – diversifying skill sets

The sheer scale and complexity of cyber-threats has meant the challenge of securing your business has gone beyond a human-scalable problem. Security teams are inundated with alerts, while simultaneously trying to monitor data and activity spread across disparate environments, and respond to attacks in real-time. To rise to this challenge, the next phase of security must be automated!

During this peer discussion you will explore:

• Why mounting incidents across organizations are leading to alert fatigue
• How to trust the efficacy of autonomous response capabilities to stop in-progress attacks
• How automation can help to build cyber resilience and more effectively allocate resources

As attackers become increasingly sophisticated and the threat landscape continues to explode, understanding how to maintain resiliency is critical – and it all hinges on the ability to measure the effectiveness of your security program. Foundational to this is understanding the reliability of your processes, identifying security gaps, and addressing compliance issues – with the ultimate goal of communicating your organization's risk posture to the board.

Join this boardroom to learn about:

• Approaching security program effectiveness from a risk perspective
• Share successful strategies needed to maintain and measure resiliency
• Gather feedback from your peers on the best methods for communicating your security program to the board

Whether it’s criminals motivated by profit or nation-state attackers with geopolitical motives, public and private organizations of all sizes have felt the impact of increased cyberattacks. In today’s evolving risk environment, you can’t always predict where and when cybercriminals will strike, but you can control how your company faces changing threat vectors and how you will respond to any attacks.

Join this session to discuss:

• Overview of the current geopolitical landscape
• Insider threats from a cyber and foreign counterintelligence standpoint
• How cyber criminals are capitalizing on remote workers and companies post-covid

Governing Body members host this dinner for attendees after a day of networking and insights.