A combination of closed-door roundtables, C-level keynotes and panels will equip regional Heads of Security and Cyber with evolved leadership, communication and business skills to deliver in their ever challenging role. Along with legacy, years of technical debt and vendor risk exposure problems, a modern CISO needs to manage stakeholders, entrenched culture and politics for the business to securely execute on change, risk and compliance in the digital age.
Our mission is to equip you with the skills and information you need, so we start each Edge event with refined feedback from ADAPT local research and data gathered from 1,000s of C-level surveys. This will help you validate and compare your position and security strategies with the rest of Australia.
Matt Boon now leads our advisory practice distilling this data, having recently joined ADAPT after an 18-year career with Gartner. He will present some unique findings, and chair CISO Edge 2019.
Digital technologies are powerful in that they accelerate the velocity of business, transform constituent experiences and spawn new business models. On the other hand, they also drive an exponential increase in the pace of regulations, attack surfaces and the capabilities of malicious threat actors. Digital technologies are a formidable force for the progress of humanity, but they also magnify digital risk. As organisations have failed to demonstrate cyber-resilience and competency in managing privacy and integrity of data, there is a growing erosion of trust in technology. Restoring trust is not about eliminating risk, but about understanding, prioritising and managing it.
For 6 years Shawn served as the VP and Head of Cyber Defence at Visa, where he owned global operational responsibility for defending the enterprise which processes 65 billion transactions amounting to a total volume of $7.3 trillion annually. Shawn was instrumental in the transformation of Visa’s Global Cyber Security program into an industry leader. He led key innovations in the areas of attack surface management, intelligence-driven cyber response, threat intelligence and counter threat and provided leadership in designing the overall cyber program.
Based in Washington as CSO at RSA, Shawn holds key operational responsibility for cybersecurity incident response management, managing digital risk and partnering with business leaders across Dell to achieve their goals while balancing security and resiliency. Edwards’ primary vision, ensuring security and resiliency as a competitive differentiator, is achieved by enabling business opportunities while protecting customers and company. Shawn and his team are the conduits between the lines of business and the Security and Resiliency Organisation. Shawn was also Global Security Manager for Nokia for 16 years.
A panel comprising a CISO, CRO, CIO and CFO – moderated by Forrester lead Security Analyst Jinan Budge.
“Many CISOs and Heads of IT Security have evolved from a lifetime of technical expertise, and then must improve business and leadership soft skills to overcome new people challenges. If 75% of a CISO’s time is spent on stakeholder and team management tasks, the major role is to convince stakeholders to come on the journey, to manage up to the ExCo, across the line of business, and manage down to mass staff engagement and uptake.
What are the best methods to communicate security programs and risk to the board and C-suite?
- How to evolve your executive acumen?
- Building skills like resilience and an agile mindset
- Dealing with Politics and Detractors
- Setting realistic goals aligned with enterprise maturity levels
- Collaborating on Board level standards and regulations such as CPS 234
Formerly leading cyber strategy at Qantas and Transport NSW, Jinan is one of Australia’s leading security analysts, and moderates a C-suite panel to explore how to deliver on the needs of C-level executives and peers.”
Data volumes will only increase as will privacy challenges in turn. How do we leverage the potential of data to improve the delivery of products, services and programs when facing restrictive policies and legislation? What if open data sharing led to efficiency and services which enabled a safer society, or protect the weak? Can we share data and still protect the individual?
The drive to produce an open-source product that can quantify the risk that any given dataset poses for the identification of an individual is a global problem every developed country is facing, and a solution we all seek. Australia could lead the way. What is the role of the CISO in enabling data value?
Regarded as a thought leader in Australia’s Digital Economy, Ian is the CEO and Chief Data Scientist of the New South Wales Data Analytics Centre. With 25 years’ experience in IT, Ian has led organisations delivering products and outcomes that have impacted hundreds of millions of people globally.
Email. Meetings. Social media. Endless pings and dings. We live in a world littered with digital distraction and temptation. When we need to do focused, impactful, and deeper work, protecting that time is precious. For security leaders, under relentless pressure – being efficient is mission critical.
Join Amantha as she takes you through the latest productivity research from psychology and neuroscience. Explore the evidence-based strategies that will help you transform your work habits, turbo charge your output, and optimise your work hours.
Choose your preferred roundtable to participate in a moderated discussion led by leading business and industry analyst.
Digital risk management is the next cyber security frontier and it is everyone’s business. How can you navigate the risks of cloud transformation and manage third-party risk? How can you break down business and security siloes? How can you enable a dynamic workforce to innovate freely and safely? Join Shawn Edwards, RSA’s Global Chief Security Officer, for a closed-door discussion.
New research into cyber risk and digital transformation shows that Australian organisations place the highest importance on improving employee productivity, as well as enhancing business resilience. However, enabling staff and third parties to access data off-site is the greatest threat to organisations from a cyber-security perspective. In the rush to ‘digitally transform’ does your business place innovation over cybersecurity? During this roundtable, you’ll explore with peers the tension between what organisations seek to achieve through their digital transformation efforts, their concerns about the risks created by their ambitions, and how well placed they are to solve them. We’ll discuss: • How do you confidently manage the cybersecurity risks inherent in your digital strategy? • What are your top three most important factors for minimising cyber security risk? • How do you elevate the cyber security discussion to deliver lasting value through strategic security programs tightly aligned to corporate ambitions? • How do you successfully strike a balance between innovation and cybersecurity?
Security response today is too slow and complex. Security teams today are inundated with alerts and information from a growing number of siloed point solutions. In parallel, attacks via both known and unknown vulnerabilities continuously target critical business services, IT infrastructure, and users. These incidents and vulnerabilities lack business context, making it difficult to know which ones pose the greatest threat to the organisation. Join ServiceNow to learn more on how to help connect security and IT teams, respond faster and more efficiently to threats, and get a definitive view of their security posture.
As applications, users and devices evolve, it has become unrealistic to rely on a traditional “secure the perimeter” model, and trust that nothing will get in or out. What you need to deploy and manage is being redefined, with a shifting attack surface, operating across a wider area, at increasing volume. We’ll discuss best practice for taking security to the edge, to enable your digital business transformation.
We are constantly being blindsided by technology. Activities that were previously considered the sole domain of humans such as driving vehicles and helping diagnose cancer are now being done (often more successfully) by machines. As the rate of automation and technology-driven change continues to increase, a very legitimate question arises: what type of work will be left for us? It turns out that the progress of technology is more predictable than we think and there are actions that we can take to improve our long-term relevance. Beyond that, we can also find ways to use technology to free our time from mundane tasks and invest in the uniquely human qualities that enrich our lives.
Modern business is characterised by speed, change, new operating models and digital products powered by various clouds, with most organisations on a migration journey. The market reality is cloud sprawl, with businesses trying to separately manage and secure five or more cloud environments, often from multiple vendors. Most don’t have the tools and procedures to manage, operate or secure a complex multi-cloud environment. If you are struggling with a multi-cloud reality, you are not alone.
Matt Boon evaluates results from the ADAPT 2019 Cloud Migration Study combined with direct aggregated advice for practical ways to secure your organisations journey to cloud.
- How to embed the right policy, GRC and process?
- How to gain visibility and service playbooks to combat shadow IT
- Strategies to secure a multi-cloud architecture
- How to develop a multilayered strategy to secure both applications and data.
- Controlling user access across cloud boundaries, micro-services and network connections.
Panel Session to debate the role of the entire technology team in creating a cyber conscious organisation.
Security awareness, culture and training must empower people with the skills they need to be safe at work and at home.
How is security impacting on the broader business-as-usual functions of your organisation? And how can you work with your colleagues to make cyber a conscious responsibility and natural first-response of every employee within your business?
A panel of SecOp stars and managers from diverse industries come together to discuss techniques and tools, exploring:
- Using visibility to combat entrenched business culture
- Getting the Identity and Access Management framework right
- Hiring practices both within the security team and the broader business: where can you find new, capable talent?
- Security, digital transformation, automation: Are employees coping with the rate of operational change?
- How to avoid security fatigue across your organisation
- Creating diverse, engaging and practical training programs
Choose your preferred roundtable to participate in a moderated discussion led by a leading business and industry analyst.
Trust is fast emerging as a key competitive differentiator. But the siloed and reactive view of risk management prevalent today is no longer enough to guarantee the integrity needed to build trust. Organisations need to adopt a proactive, future-facing and fully integrated approach to risk that gives them the confidence to encourage innovation.
If Chapter 1 for organisations undertaking digital transformation was about experimentation, chapter 2 is now about enterprise-driven reinvention. So what role does Security play in this? This new chapter, characterised by multi-cloud environments and digital and artificial intelligence at scale, underpinned with trust, provides organisations with the opportunity to build-in security and privacy by design and not as an afterthought. Attend this roundtable to learn more about IBM’s point of view on Chapter 2 and to discuss:
- Your perspectives on Chapter 2 – what you think your chapter 2 looks like and how security will play in this
- What is your cloud strategy and how are you embracing security as part of your cloud journey?
- If you had a platform where you could orchestrate business scenarios, what would your top 3 be?
With the exponential cyber threats being experienced by organisations around the world and Australia, the need to maintain the security efficacy is paramount to protect and detect.
This needs to be assessed and performed throughout the lifecycle of the investment in cybersecurity to minimise the risk to the business.
This discussion will analyse and debate best practice for:
- Establishing a relevant security strategy for your organisation
- Forming an effective solution and procurement plan
- Developing an end-to-end, Total Cost of Ownership for your investments
- Leveraging system integration to simplify security solutions without compromising effectiveness
Enterprise systems are constantly being updated, modified and extended, to serve new users and new business functions. In such a fluid environment, machine learning enabled agents are being deployed to cut through the noise and highlight anomalies or indicators of forensic value. This session will discuss AI and ML predictive techniques in practical situations.
CSOs and CISOs both have the same mission, to protect their organisation from outside threats. These threats are converging even though the defences against them may still operate separately, and we are seeing a shift and convergence of the CSO and CISO roles.
From a customer and user viewpoint, security is security. Is the CISO or CSO role an incomplete function if it doesn’t include physical or IT security within the remit? Can one person lead the whole function including physical security, executive security protection, cyber security, privacy, fraud, and third party risk?
To accomplish their respective goals, both parties are defending against are the same threats viewed through different lenses. Can the views, opinions, needs and requirements of both the CSO and the CISO create potential conflict?
What is the best way to create a mutually accepted view of threats, their potential business impact and what role the teams play in addressing the risk?
- Ways to bridge the communications gap.
- Modern enterprise security risk assessment and management.
- Developing a converged approach to identifying and addressing risks and budgets
- How to arrange budgets, programs and tools to make the team as agile as the threats?
- If one leads, what happens to the other?
“What CISOs Want?” – LIVE podcast recording at ADAPT CISO Edge, then broadcast globally.
David’s popular US podcast series has hosted some of the world’s top CISOs and candidly explores the relationships, tactics and hype between vendors and CISOs. With a series of 5-minute segments such as “What’s worse?” and “Please enough, no more!” the sessions are entertaining whilst engaging on specific topics that security leaders need addressed and examining the mutual dependency and conflict that exists between buyers and sellers of cybersecurity products and services. Whether you’re a CISO or a wannabe CISO, the series delivers inside tips on how to manage a security team, and how to focus your precious resources to create a secure environment for your employees and customers. Veteran tech journalist and personality David will fly in from San Francisco to record the podcast live at CISO Edge.