UK & Ireland CISO Executive Summit

***Invitation only*** The Gartner Security & Risk Management Summit brings together experts, thought leaders, and innovators to explore digital risks and strategies for resilience. With over 2,300 professionals participating, this event helps cybersecurity leaders enhance their strategy and gain insights into topics top priorities for security professionals.

Join us for an exclusive session with Eduardo Mastranza and Chris Gould for a sneak peek at key cybersecurity trends for 2024 and beyond.

Delve into:

• Explore digital risks and resilience strategies that will be showcased at the Gartner Security & Risk Management Summit
• Enhance your strategy and gain insights into topics like Gen AI, risk management, cloud security, and more
• Get a sneak peek at key cybersecurity trends for 2024 and beyond

Immediately following this session, the UK & Ireland CISO Summit will begin with a networking reception and dinner: connect with your fellow CISOs before the Executive Summit!

Exclusive to Governing Body members and select guests, this dinner is a can’t-miss opportunity to connect with your peers prior to tomorrow’s Executive Summit. Please join your colleagues for an evening of good food, wine, and lively networking.

While the vast majority of infrastructure has been upgraded and modernised to secure the shift to the cloud, enterprise IT teams are still missing an equally seamless access method to safely deliver those now cloud-native apps and data. While traditional browsers have become the de facto access point for the majority of business critical applications, they lack the deep inspection capabilities and hyper-granular security controls enterprises need. This results in security teams surrounding their browsers with layers of tech to meet those needs.

Join this keynote session to discover:

• Why traditional cloud security methods undermine your modernisation efforts and end-user experience
• Embracing technological momentum to adapt to a "more-with-less" security landscape
• How enterprise CISOs are using this solution to bolster cloud security

In today's rapidly evolving threat landscape, the imperative for cybersecurity has surpassed mere defense to encompass a broader notion of cyber resilience. This shift underscores the need for CISOs to not only fortify security measures but also cultivate operational resilience, positioning them as strategic leaders within their organisations. Join us to explore how embracing cyber resilience transcends traditional security paradigms, empowering organisations to effectively anticipate, withstand, respond, and adapt to cyber threats. Let's pivot from outdated security notions to holistic resilience strategies, mitigating risks and propelling business resilience forward.

Join us to discuss:

• Collaborative Accountability — CEOs and CISOs unite in fostering cyber resilience, transcending siloed security approaches
• Informed Trust —  Shift from blind to informed trust, accepting limited risk for resilience
• Operational Resilience — Identify minimum resilience levels to sustain key operations

It's widely acknowledged that CISOs are evolving from purely technologists into strategic business leaders. In this open discussion, we'll delve into strategies aimed at broadening the scope of the CISO's responsibilities beyond merely managing staff access to encompassing Customer Identity and Access Management (CIAM). By integrating CIAM, CISOs can transition from an 'us vs. them' mindset to a more cohesive model. This session seeks to foster conversations centred on comprehending customers, their consumption behaviours, and future service delivery considerations. Positioning the CISO as a proactive business enabler, transcending the traditional role of a mere gatekeeper.

Join this conversation to discuss:

• Strategies to expand CISO's role beyond staff access management, and increase influence across the business
• Exploring the variations in CIAM approaches across each CISOs organisations
• Application of traditional security practices (e.g. JIT and JEA) to enhance service delivery in the context of CIAM

Attacks on SaaS systems are on the rise, and SaaS is increasingly becoming a target of nation-state threat actors (e.g. Midnight Blizzard). However, most often sensitive data from SaaS Systems is simply exposed to the world due to admin-induced misconfigurations.

In the past year AppOmni has witnessed far-reaching events impacting thousands of customers. How can CSO organisations secure and monitor highly-dynamic and highly-abstract SaaS systems that are managed outside of the IT function, when tools like SASE have proven ineffective and network-centric?

Join this boardroom to discuss:

• The inherent complexities of effectively securing large-scale SaaS deployments
• How the traditional kill chain applies to SaaS, and why SecOps monitoring is necessary
• How SaaS Security Posture Management (SSPM) can be incorporated into existing security programs like CTEM and Vulnerability Management and Zero Trust

In an era of economic uncertainty, organisations are facing intensified scrutiny over budgets across all departments, including security. As CISOs reassess technology investments, cybersecurity teams are challenged to achieve more with less. This necessitates a strategic approach to cost optimisation and resource allocation. To navigate these challenges, CISOs must prioritise the automation of manual tasks and leverage existing tools and assets effectively.

Join this session to discuss:

• Identifying the types of cost inefficiencies in your security team
• Develop strategies to optimise costs and showcase ROI during financial challenges
• Embrace modern cybersecurity asset inventory for cost optimisation and enhanced protection

Elevate your cybersecurity discourse to the executive level with Outcome Driven Metrics (ODMs). Join this workshop to deepen your understanding of how ODMs can enhance critical conversations about cybersecurity with key stakeholders. Through engaging role-playing, gamification, and hands-on practice, participants will harness the power of ODMs to navigate crucial discussions effectively, ultimately safeguarding their cybersecurity initiatives and investments.

You'll leave this workshop with:

• ODM Mastery: Gain expertise in ODM frameworks for clearer communication and alignment with executives in cybersecurity discussions
• Presentation Proficiency: Enhance your ability to craft compelling presentations using ODMs, effectively articulating cybersecurity needs and demonstrating value to decision-makers
• Investment Defense: Equip yourself with tools to defend cybersecurity investments with concrete outcomes and metrics, fostering confidence and support from executive leadership

Quantifying cyber risk remains a formidable challenge for CISOs across industries. From articulating risk appetites to demonstrating ROI, navigating the landscape requires innovative approaches and shared insights. Join us for an open, interactive discussion as we delve into key questions, and explore strategies for refining risk quantification methodologies. There’s no silver bullet, but this session aims to create an open forum for CISOs to discuss how they approach this key topic.

Join us to unpack:

• Exploring universal principles for risk quantification such as articulating risk appetite, showcasing improvement and justifying investments
• Navigate nuances in metric selection, alignment with goals, and industry benchmarking
• Sharing your approach to risk quantification, and how you’ve adapted it after changing roles

Amidst a surge of regulations in various nations and the EU, alongside a continuously evolving attack landscape, regulatory bodies are intensifying their emphasis on cyber defence. This shift underscores the pressing need for CISOs to navigate the expanding array of regulations across diverse markets. Join us for an in-depth roundtable dialogue featuring experts in the field of network and information systems security to discuss the critical aspects and implications of the new regulations. Delve into crucial insights and ramifications of emerging regulations, as we explore strategies for effective compliance management in this dynamic environment.

Join this Executive Boardroom to discuss:

• Discussing strategies for CISOs to comply with differing regulations across a global footprint
• Best practices for compliance, including the newest risk assessment methodologies and security controls
• Considering specific new regulations such as the NIS2 Directive, DORA and the SEC's New Cybersecurity Disclosure Requirements

As organisations converge their Operational Technology (OT) and enterprise IT systems, new opportunities emerge alongside potential security threats. This session addresses the initial challenges faced by CISOs in this context, including managing security without disrupting business operations, ensuring data integrity for AI-driven decision-making, and understanding the strategic perspective of executives. The session also explores the roles and responsibilities within the converged environment and their implications for the overall security strategy.

Join this boardroom to delve into these key points:

• Balancing Security and Productivity — CISOs secure operations without disrupting productivity targets
• Reviewing the challenges you face when dealing governance risk paradigm with coherent management of IT, OT and IOT convergence
• Strategic Considerations — The session explores executive actions and perspectives in OT and enterprise IT convergence

Enhancing your business's cyber capability is a multi-year journey towards ever-evolving maturity, transcending daily threat management and business support. It competes with other organisational transformations while contending with the innovative strategies of cybercriminals. As a CISO, your strategic plan must anticipate frequent and significant changes, requiring constant adaptation. The psychological demands on CISOs and their teams in navigating this dynamic, chaotic landscape extend beyond keeping your organisation secure.

In this session, we will explore the CISO world through the psychological lens of Adaptability, focusing on some of the critical Ability, Character, and Environmental factors that you can understand and develop to grow:

• The skills of you and your team for the journey ahead
• The mindset of your stakeholders as advocates of the journey required
• Your business inherent “Changeability” as the journey reveals unexpected hazards and course corrections