What's the single most important component of an effective cyber-security program? Here's a hint: It has nothing to do with technology. Dave Grady, Senior Client Partner from Verizon's Security Solutions group, will discuss the importance of stakeholder engagement in cyber-security. Drawing on his 10 years as a security program manager and a previous 15-year career as an internal communications manager, Grady will explore how better communication between security teams and the business lines, executives and customers they support can make for a more effective security program. Better still, effective stakeholder engagement can reduce security-practitioner burnout and contribute to their professional growth.

Join senior executives from BitSight, Tanium, Recorded Future and Cylance for a panel discussion on how cyber-security is taking a bigger seat at the "strategic table" as more organizations look at risk from an integrated perspective. Moderated by Verizon's Dave Grady, this panel discussion will offer into how some of the world's most leading-edge organizations are re-evaluating the role of cybersecurity in enterprise risk -- and transforming their security programs to adapt to a world of complex IT ecosystems and ever-emerging threats.

Organizations like Gartner, McKinsey, and Department of Defense have been advocating that prevention and detection are insufficient and organizations should adopt a cybersecurity strategy of resilience.

Resilience can go a long way toward bringing trust and confidence back into cybersecurity. The session outlines the costs of this loss of trust and explains what a resilience strategy looks like. Then, it will discuss the elements of a digital resilience strategy and the best practices to implement one. These best practices include cloud security, security metrics, continuous audit and compliance, incident response rehearsals and involving people across an organization.

In a world that is increasingly digital, cyber-attack has become the most significant risk confronting today’s businesses, smart cities, and critical infrastructure. Online crime cost the world more than half a trillion dollars last year, while recent attacks have managed to influence the U.S. presidential election and disrupt the Ukrainian power supply. This troubling state of affairs is the product of several fundamental weaknesses with the traditional approach to cyber defense, which relies on predefining what threats look like at a time when criminals launch never-before-seen attacks on a daily basis. Moreover, these attacks increasingly strike at machine-speed, preventing security professionals from responding before their damage is done.

As a fundamentally unique approach to security, cyber AI systems need not predict tomorrow’s attacks based on yesterday’s threats. Powered by recent advances in artificial intelligence, the latest cyber AI security systems instead continuously refine their defenses by learning ‘on the job’ to differentiate between normal and abnormal behavior in an enterprise, enabling them to flag even subtly malicious activity. Thus, whereas traditional cyber security technologies are blind to unknown threats, self-learning cyber AI systems detect such novel attacks by spontaneously drawing connections that human programmers can’t see. And as ready-to-deploy exploit kits and advanced malware packages spawn new cyber-threats around the world, the challenge of securing the digital realm can only be met with AI security systems that can learn, evolve, and fight back.

In this session, you will learn:

• Where cyber-criminals have found weaknesses in legacy approaches to security
• Why only self-learning security tools can stop never-before-seen attacks
• How to protect your network from machine-speed attacks with Darktrace Antigena
• What gaining 100% network visibility of your entire digital estate — including cloud environments and IoT devices — can reveal about the latent vulnerabilities that advanced attackers are targeting today

Today 86% of organizations are in the process of building or already have an existing system in place to prevent/defend against insider attacks; if this statistic proves anything it is that more and more business are coming to terms with the hostilities of our world. Expected or unexpected, an employee with access to company-wide systems, no matter their intentions is a great threat to any organization. An employee with malicious intentions is dangerous, but according to a recent IBM survey, 95% of all breaches involved someone making a mistake. The Insider Threat panel at the Cyber Security Summit will show you how your organization is at risk, as well as showing you innovative & necessary steps to take in order to prevent attacks and increasing your defense systems.

Organizations process and store huge volumes of sensitive information that belong to their customers and employees – from financial information to medical records to personal identifiers, like social security numbers and birthdates. Inadequate controls in IAM processes and technology can lead to a breach, involuntary exposure of this data, and non-compliance issues. But you cannot correct what you don’t know, so the first step in any IAM program is an assessment.

IDMWORKS CEO & Chief Strategist, Todd Rossin, will address the most common questions around IAM Assessments & Roadmaps – Why Should We Assess? What Should We Assess? and When Should We Reassess?

For many organizations they are looking at over half of their IT spending being related to cloud, whether infrastructure, services or other tools in the near future. As a CISO, this movement to the cloud can fill you with dread. Furthermore, one of the risks corporate boards understand best is third party risk, and now your entire network is in someone else’s hands. This transition is the subject of a lot of concern and a lot of mixed signals. It doesn’t have to be that way though, especially as moving to the cloud can be a security improvement, if managed appropriately. This panel will talk about the security issues CISO’s and IT leaders need to be aware of as they move further and further over to the cloud, what best practices and services they should consider or utilize, and how they can fully leverage the cloud resources to bring their organization to the next level of security.

A common phrase in information security is: “It is a matter of when you will be breached, not if.” As the headlines provide real-life examples from Marriot, to Equifax, to FedEx, this seems more true than ever before. But what should you do to prepare, respond and recover from it? What tools and tactics will make it easier to detect a breach (either as it happens or after the fact), what do you say to key stake holders about what is happening and how do you pivot from “How did this happen” to “How can we make sure it doesn’t happen again”. Few things in IT can be as high visibility and high stakes as a breach and this panel will equip the audience with what they need to know to better handle when a breach happens.