Jeff Crume
Distinguished Engineer, CTO IBM Security - Americas
IBM
Jeffrey Aguilar
CISO
Los Angeles County, CA
Emily O'Carroll
Sr. Director, Global Information Security & IT Compliance
Topgolf Callaway Brands Corp.
APRIL 2023
The realities of hybrid work and the technology changes for supporting the workforce over the past few years have resulted in an expanded attack surface. Add in constantly changing threats and malicious TTPs, and today, CISOs are required to prepare their organizations to thrive amidst growing complexity.
At the upcoming Southern California CISO Executive Summit on May 24, Jeff Crume, Distinguished Engineer, CTO IBM Security - Americas, will lead an Executive Boardroom discussion on “Security Strategies for a Robust Threat Management Program,” with Evanta Governing Body Members Emily O'Carroll, Sr. Director, Global Information Security & IT Compliance at Topgolf Callaway Brands Corp, and Jeffrey Aguilar, CISO at Los Angeles County, California, helping to facilitate the discussion.
Ahead of the session, Jeff is sharing why CISOs need to shift from reactive to proactive threat management as part of their evolving cybersecurity strategies.
Jeff Crume is a Distinguished Engineer, Master Inventor and CTO for IBM Security Americas with more than 40 years’ experience in the IT industry. He has a PhD in Cybersecurity and serves as an Adjunct Professor at NC State University. Jeff is the author of a book entitled "Inside Internet Security: What Hackers Don't Want You To Know,” as well as a contributing author to the "Information Security Management Handbook.” He is a member of the inaugural class of the NC State University Computer Science Alumni Hall of Fame, where he has served on the school’s Strategic Advisory Board. He also serves on the editorial board for the “Information and Computer Security” research journal. He holds CISSP and ISSAP professional IT Security certifications, as well as Distinguished Chief IT Architect credentials from The Open Group. Jeff lived in Beijing on assignment in 2006 and has worked with clients in 50 countries.
What are some of the challenges CISOs face when it comes to managing the attack surface?
You can’t secure what you can’t see – and in too many cases, we can’t see everything that we should. “BYO-IT,” in its various forms, remote workers and cloud infrastructures all increase the attack surface, thereby increasing the need for extended visibility and control on the part of the CISO.
Why is it critical for the Evanta CISOs to have this conversation now?
From widely distributed infrastructures to high volumes of tools with different levels of control and responsibility, it can be difficult to maintain true visibility across environments. New technologies empower employees to be more productive, but also increase risk for the organization, if not handled properly. More people who are using more and different types of technologies from more and different places is the current reality – and the trend is only accelerating.
What are you most looking forward to about this Boardroom session?
We’re looking forward to exchanging lessons learned and best practices with people who are all trying to find the path to better security. We hope to have a conversation that helps CISOs proactively manage the attack surface to reduce risk.
We’re planning to discuss how to:
- Identify blind spots due to information fragmentation
- Understand the challenges of your full attack surface and lowering those risks
- Reduce the noise and stress being fed into threat management systems and pressure on teams
And we’re looking forward to CISOs coming with their ideas, questions and even some answers to drive a lively discussion on shifting from reactive to proactive threat management.
Join this conversation with Jeff Crume of IBM at the Southern California CISO Executive Summit on May 24, or find your local community to connect with like-minded security peers on more topics focusing on mitigating risks to your organization.
Special thanks to IBM.
by CISOs, for CISOs
Join the conversation with peers in your local CISO community.