The 14th Chief Information Security Officer Exchange

March 22 - 24, 2020 | Omni Los Angeles, Los Angeles, CA

Day 1: Sunday, March 22nd

10:15 am - 10:45 am Registration

10:45 am - 10:50 am Welcome Orientation

10:50 am - 11:00 am Thoughtexchange App Introduction

11:00 am - 11:10 am Chairperson's Opening Remarks

11:10 am - 11:40 am Cutting Edge Cybersecurity Rockstars Require Visibility to Avoid Data Breaches

This opening session will present how being an exceptional CISO requires you to realize your role as a corporate leader and cybersecurity ambassador. The modern day CISO does more than providing IT service delivery function. This CISO is a strategic contributor, business savvy, sensible and cost- conscious with the ability work cross departmentally within the company and externally with business partners. Holistic cybersecurity success is dependent not only on quarterly meetings, but on coordinated collaboration upstream and downstream.

In this session, you will:
  • Hear how strategic storytelling is a leadership skill set every CISO must possess to be successful in accomplishing improved reporting structures
  • Learn how to increase your C-Level pedigree to meet CEO expectations
  • Explore lessons learned from working cross departmentally with IT, Physical Security, HR, and Legal
  • Understand the benefits of (2ic) to support novel technical approaches and discern good advice from bad

11:40 am - 12:10 pm HR Is a Game Changer in Mitigating Security Threats

Cyber-attacks have been wreaking havoc across the world resulting in billions of dollars in global economic loss. The nature of dangerous threat vectors are expanding and the scope of security breaches is evolving. Cyber security threats will continue to escalate due to the rapid adoption of new technologies in a global digital economy. How does this affect your bottom-line? Through each employee. HR departments don’t need to be cybersecurity aficionados, but should make it a priority to partner with IT and legal teams to evaluate the needs of the organization to ensure all employees are equipped with necessary cyber skills sets.

In this session, you will:
  • Discuss building cyber competencies training programs, making cyber training integral in the on-boarding process, communication strategies for cyber threat awareness
  • Hear how to create robust risk management policy to prevent and monitor cybersecurity risk in the organization and take timely disciplinary actions in case of breaches
  • Explore hiring ethical hackers to strengthen cyber security resilience and building internal hacking simulators
  • Understand the scope of employee privacy

12:10 pm - 12:55 pm Dimensions of Effective CISO Leadership: Avoid Being the Scapegoat

Fighting cyber criminals and cons in the corporate realm ensures cybersecurity job insurance and opportunities. As businesses evolve, efforts must be made to build cyber risk into overall business models to detect, prevent, and defeat bad actors to stay one step ahead. CEO’s invest a great amount of time into understanding the fiscal initiatives set forth by the CFO to ensure healthy financial outcomes. The same considerations must be given for CISO’s to fully integrate cybersecurity measures and risk management. The absolute key to CISO success rest on the entire executive team. Their attitude and actions tend to make or break CISO’s.

In this session, you will:
  • Discuss the balance required between technical astuteness, business acumen, and financial risk
  • Hear tactics for earning a permanent seat with business executive leadership teams
  • Explore the need for indicators of compromise for risk management and mitigation like threat intelligence, incident response plans and cybersecurity policies in the business model                                    


12:55 pm - 1:55 pm Lunch and Networking

2:00 pm - 2:30 pm Closing the Cyber-Skills Gap: Create Internal Teams of White Hackers

Cyber security training is everyone’s responsibility. While training isn’t the only key to solving the industry-wide skills gap, it does intertwine security in the culture of the organization and raise awareness and culpability at all levels. As a CISO, don’t let anyone tell you there’s no budget for continued training. Make your case on how it is beneficial for each employee and the overall organization to build strong, competent and empowered teams. Insider threats come in many forms, don’t get caught unprepared for the worst case scenario. 

In this session, you will: 
  • Hear how the creation of cybersecurity training facilities at businesses and universities is a game changer for offensive and defensive cyber tactics
  • Understand efforts to assess staff preparedness and reactivity to real-world scenarios like malware infections and data breaches
  • Explore the ability to test theories with massive results

2:30 pm - 3:00 pm Business Meetings

3:00 pm - 3:30 pm Business Meetings

3:30 pm - 4:00 pm Business Meetings

4:00 pm - 4:15 pm Networking Break


4:15 pm - 4:45 pm ER Phishing Emergency Room: Identify and Respond to Email Threats Faster
Phishing remains the most widely used cyber-attack vector, most end users report many email messages they “think” could be potentially malicious. Whether or not you step employees through security awareness training doesn’t change the fact that your users are already reporting potentially dangerous emails within your organization. With only approximately 1 in 10 user-reported emails being verified as actually malicious, how do you not only handle the high-risk phishing attacks and threats, but also effectively manage the other 90% of user-reported messages accurately and efficiently?

Key Takeaways
  • Simple methods with critical functionality that serves as your phishing emergency room to identify and respond to user-reported messages and most dangerous threats
  • Prioritize and analyze what messages are legitimate and what messages are not – quickly
  • Help you and your team prioritize as many messages as possible automatically, with an opportunity to review recommended focus points and take the actions you desire


4:15 pm - 4:45 pm Know Your Enemy: Cyber Kill Chain
One of the best ways to get out ahead of malicious actors is with cyber threat hunting, the act of proactively and aggressively eliminating adversaries as early as possible in the Cyber Kill Chain. The quicker you can locate and track your adversaries’ tactics, techniques and procedures (TTPs), the less impact attackers will have on your business.

Key Takeaways
  • Convergence of SOC & intelligence analysts 
  • Common denominator in both internal (reactive) and external (proactive) cyber threats: the human element

Ignite Session

4:45 pm - 5:20 pm AI Enriches Threat Protection Management for Greater Enterprise Resiliency
Successful cybersecurity attacks can be so severe that they shut down business operations, erode the public’s trust in an organization and require substantial financial resources to go toward recovering. So, it’s crucial for the security professionals who work for those companies to continually invest in updated threat protection technologies. Artificial intelligence (AI) is making an impressive impact on threat protection efforts.

During this session you will learn:
  • Learn about enhanced bio-metric security efforts
  • Understand automation staffing benefits for larger talent pool 
  • Explore productivity increases by detecting flaws quicker 

Ignite Session

4:45 pm - 5:20 pm Blockchain Reality Check- Can it Deliver as Promised?
Blockchain promises to regulate and maintain administrative control in the digital world. With blockchain, we can imagine a world in which contracts are embedded in digital code and stored in transparent, shared databases, where they are protected from deletion, tampering, and revision. In this world every agreement, every process, every task, and every payment would have a digital record and signature that could be identified, validated, stored, and shared.

During this session, you will learn:
  • Discuss technological, governance, organizational, and societal barriers to overcome foundation implementation
  • Framework for blockchain adoption
  • How companies are using blockchain to track items through complex supply chains

Ignite Session

4:45 pm - 5:20 pm 5G Is the Catalyst for an Imminent Technology Transformation
Growing computing power is pushing the evolution of ideas, initiatives, investment, and infrastructure across cyberspace. The exponential growth of the internet and the increase in the use of computers in different shapes, sizes, and forms have forced the planning of information and communication networks to accommodate the design of new emerging technologies, platforms, and the rapid movement of growing digital data.

During this session, you will learn:
  • Double edge sword to technology advances and adoption 
  • Attack surface changes and open new complex security threats in vulnerable environment

5:20 pm - 5:35 pm Collaborative & Courageous Leadership

Learn how innovative and dynamic leaders are leading the way by having courageous conversations within their organization. Discover how organizations are creating a culture that promotes openness, transparency and collaboration by empowering their employees to share their voice and consider the thoughts and ideas of others; shifting the corporate paradigm from closed and knowing to open and learning. In this session you’ll learn what collaborative and courageous leadership means to you and those around you.

5:35 pm - 6:35 pm Cocktail Reception

6:35 pm - 8:35 pm Dinner