According to Gartner, 79% of companies have experienced at least one cloud data breach during the pandemic. But the migration of critical business data to the cloud shows no sign of slowing. In fact, it’s accelerating. Yet, despite powerful trends and mounting threats, traditional data security has simply not kept pace with the cloud. Security teams still struggle to even understand the reality of what sensitive data they have in the cloud and its associated risks. This is not a sustainable status quo. Data is increasingly a business most valuable asset. And until organizations can align around a shared Data Reality, cloud security will remain several steps behind intensifying security threats and tightening data regulations.
The Future of IT & Cybersecurity
CXO Think Tank
Visionaries
Matt Tesauro
Distinguished Engineer/Director Security Evangelist - Global
Noname Security
About Me
Matt Tesauro is a Distinguished Engineer at Noname Security. When not writing automation code in Go, Matt Tesauro is pushing for DevSecOps everywhere by contributing to open source projects, presenting, training and continuing to co-opt new technologies. Prior to joining Noname, he rolled out AppSec automation at a major financial institution and founded 10Security. Other experience includes the Director of Community and Operations at the OWASP Foundation, Senior AppSec Engineer building an AppSec Pipeline and continuous security program for Duo Security, a Senior Software Security Engineer at Pearson and the Senior Product Security Engineer at Rackspace. He is also an Adjunct Professor for the University of Texas Computer Science department teaching the next generation of CS students about Application Security. Matt is a broadly experienced information security professional of 20+ years specializing in application and cloud security. He has also presented and provided training at various international industry events including DHS Software Assurance Workshop, OpenStack Summit, SANS AppSec Summit, AppSec US, EU and LATAM. His work has included security consulting, penetration testing, threat modeling, code reviews, training and teaching at the University of Texas and Texas A&M University. He is a lead for OWASP AppSec Pipeline & DefectDojo projects. The AppSec Pipeline project brings lessons from DevOps and Agile into Application Security while DefectDojo is an application that is the source of truth for DevSecOps activities and ingests output from 100 different security tools. He holds two degrees from Texas A&M University and several security and Linux certifications.
Ibrahim Jackson
Founder
Ubiquitous Preferred Services
About Me
Ibrahim works with technology, human resource, and other business leaders to develop, upskill, and retool teams of people for next practice leadership in a changing world of work. By providing workshops, coaching, and consulting, with a team of industry experienced professionals, to large-scale enterprises and government agencies, employees are prepared for future opportunities today. Our underpinning Digital Professional Framework governs our people transformation programs with a focus on four key areas:
1. Digital Depth 📱
2. Business Acumen đź“Š
3. Interpersonal Skills 🤝
4. Social Impact 🌎
Whether transformation, modernization, evolution, or restructuring, all of these changes have a basis for moving the organization forward. Leaders are trusted and relied upon to bring sustainable change to successful completion using competence, appropriate practices, skills, behaviors, and mental models to galvanize people and achieve sustainable change, continuous improvement, and make the most significant impact, so their organization realizes optimal value.
TRAINING
Our focus on digital and leadership attracts technology leaders and human resource executives working on developing people that need to be ready to lead in an era of emerging technology and where business models are expanding and evolving. We provide standard training, bespoke modules customized to the needs of the organization, modules tailored to the specific business objectives of the organization, and on-demand modules. Our learning journeys are immersive, experiential, and applicable to the particular business challenges our clients have.
COACHING
While many challenges and opportunities across organizations may be similar, their specific context, focus area, and goals are often unique. Having a coach or executive coach that can be an extension of your brain trust often leads to better decision making, improved results, and career elevation. We use a variety of coaching and group coaching models that help our clients excel at the aforementioned.
CONSULTING
By pairing our client's institutional knowledge with our broad range of expertise from across many industries, we help leaders tackle today's problems so that they achieve a competitive advantage on their journey towards making a material difference in their business. We perform simple to complex assessments, primary and secondary research, and strategy development where and when needed. When working with us, we own your problem, allowing you to capitalize on the solution's rewards.
Scot Miller
SVP & CISO
Mr. Cooper
About Me
Scot Miller, CISSP, CISM, is the Senior Vice
President and Chief Information Security Officer
for Mr. Cooper Group. He serves on the Dallas
CISO Board, has presented on advances in
Information Security and Technology Governance
at consortiums in Florida, Texas, New York,
Arizona, and Connecticut, and has been quoted in
national magazines and other industry
symposiums. Scot built high performing Security
and Operations teams from the ground up, and
over the past few years, brought Mr. Cooper’s
Identity Governance and Compliance teams to a new level. The supporting projects
won the 2021 Cybersecurity Team of the Year and CSO50 Award from a pool of
national and international candidates for innovation, agility, and meaningful
impact on a business.
Scot’s team is responsible for identifying, analyzing, and reducing risk for all Mr.
Cooper’s Group business entities. Previous to his duty at the Mortgage Servicing
institution, he was CISO for HMS (a Texas based Healthcare Information Services
organization), Head of Global IT Security for Alcon Laboratories, and Chief Security
Architect at MassMutual Financial Group. Scot was also the VP and CTO for the CT
chapter of ISSA.
Brian Brown
CISO
Solis Security Inc
David Bullas
Director of Sales Engineering
Authomize
About Me
Dave has been working in the Software Industry since 1998. He has a Masters degree in Computer Science focused on Neural Networks from the University of Alberta and has been working at Authomize since early 2021. Dave has held a variety of technical and management roles in development and sales engineering and has been in charge of the implementation, sale, delivery, and evangelism of a number of software products.
Dave's current role is Director, Sales Engineering at Authomize and in that role he leads a team that delivers technical outcomes, enablement, and evangelism for the Authomize team, our partners, and our customers.
Dave's spare time is spent kayaking, rock climbing, running, and reading a wide range of science fiction and fantasy novels. He has a long-suffering and extremely supportive wife and 2 kids aged 18 and 14. Dave has been living in Calgary, Alberta, Canada since 2005.
Brim Basom
CIO & CTO
Mothers Against Drunk Driving (MADD)
Brian Mork
CISO
Trinity Industries
About Me
Security and technology executive with a passion for and expertise in information security and risk management. Has worked across the entire security spectrum, including intelligence collection, penetration testing, software development, documentation, governance, compliance, physical security, system administration, digital forensics/incident response, and social engineering. Specializes in security and corporate security culture transformation.
Among other things, I'm a:
- Developer, trainer, and mentor of junior information security personnel
- Technology enthusiast focused on using technology to improve the world
- Frequent speaker at security conferences
- Frequent speaker at hacker conferences
- Co-Founder, Team Cryptolingus
- Co-Founder, Pittsburgh Hacker’s Association
- Advocate for Hacking Is Not A Crime (#HINAC)
Past Work:
- CISO of a Fortune 500/S&P 500 multinational company with 30+ manufacturing operations worldwide
- Internal corporate consultant on all aspects of information security to CIO level
- Lead security engineer over 8 personnel for $30M+ of DOD programs, responsible for systems integration, design, implementation, evaluation, and acceptance
- Embedded security consultant with a Fortune 10 customer's executive information security leadership
- Principal systems engineer focused on Linux/Unix hardening, network engineering, and OS and application hardening for IC assets
- Developed and authored numerous security tools
- Software developer
Jodi Watkins
Chief Commercial Officer
GTN Technical Staffing and Consulting
About Me
Responsible for client delivery and direction to our Fortune 500 companies. Determine and formulate policies and business strategies and provide overall direction for specialized recruitment teams. Plan, direct, and coordinate sales activities at the highest level of management. Prudently manage the organization’s goals and initiatives in Field Services, IT, Professional Services, MSP vendor relations.
Company-wide committee facilitation including planning, production and staff. Assures that the organization and its mission, programs, and services are consistently presented in a strong, positive image. Promotes a culture that reflects the organization’s values, encourages good performance, and rewards productivity.
Actively advocates for the organization, its beliefs, and its programmatic efforts. Acts as a liaison between the organization and the community, building relationships with peer organizations when appropriate. Oversees design, delivery, and quality of MSP programs and services. Collaborate to define and articulate the organization’s vision and to develop strategies for achieving that vision.
Tamar Bar Ilan
Co-founder & CTO
Cyera US Inc.
About Me
Tamar Bar-Ilan is the Co-Founder and CTO of Cyera. Upon graduating from the IDF's prestigious Talpiot Leadership Academy, Tamar entered into its elite cyber Unit 8200 where he built and ran the unit's cloud security division. As Israel’s National Security Agency, Unit 8200 was tasked with addressing advanced cyber threats by developing new processes and technologies. This experience allowed Tamar to hone his technical and practical expertise, and experience firsthand the unique challenges of securing data in the cloud. This experience inspired Tamar - and long-time friend Yotam Segev - to found Cyera in 2021. As CTO, Tamar guides Cyera’s deep commitment to understand and protect data by developing advanced technology and tools through customer-inspired innovation.
Nick Sims
Head of IT - Structural Heart
Abbott
Royi Barnea
Head of Channel Sales US
Cynet
Andre Rall
Head of Cloud Security
Uptycs
Jodi Watkins
Chief Commercial Officer
GTN Technical Staffing and Consulting
About Me
Responsible for client delivery and direction to our Fortune 500 companies. Determine and formulate policies and business strategies and provide overall direction for specialized recruitment teams. Plan, direct, and coordinate sales activities at the highest level of management. Prudently manage the organization’s goals and initiatives in Field Services, IT, Professional Services, MSP vendor relations.
Company-wide committee facilitation including planning, production and staff. Assures that the organization and its mission, programs, and services are consistently presented in a strong, positive image. Promotes a culture that reflects the organization’s values, encourages good performance, and rewards productivity.
Actively advocates for the organization, its beliefs, and its programmatic efforts. Acts as a liaison between the organization and the community, building relationships with peer organizations when appropriate. Oversees design, delivery, and quality of MSP programs and services. Collaborate to define and articulate the organization’s vision and to develop strategies for achieving that vision.
Robert Smith
Field CISO
Noname Security
About Me
Information Technology Leader with a focus on Security, Architecture and Operations. Experienced in regulatory compliances & security frameworks: HIPAA, PCI, SOX, COBIT, ISO, NIST, SANS20. Consistently leading strategic planning, policy development and day-to-day operations of information security function in close coordination with all corporate departments aligned with corporate vision. Proficient in target enumeration, vulnerability assessments, risk analysis and management, open source intelligence gathering, social engineering, IDS/IPS and SIEM tools.
Brian Brown
CISO
Solis Security Inc
Brim Basom
CIO & CTO
Mothers Against Drunk Driving (MADD)
Nick Sims
Head of IT - Structural Heart
Abbott
Royi Barnea
Head of Channel Sales US
Cynet
Andre Rall
Head of Cloud Security
Uptycs
EVENT DETAILS
November 2, 2022
Agenda
12:30 PM-1:00 PM
Welcome & Registration
1:20 PM-2:15 PM
Panel
Cloud Data Security
Panelists
Chair
Jodi Watkins
Chief Commercial Officer
GTN Technical Staffing and Consulting
Responsible for client delivery and direction to our Fortune 500 companies. Determine and formulate policies and business strategies and provide overall direction for specialized recruitment teams. Plan, direct, and coordinate sales activities at the highest level of management. Prudently manage the organization’s goals and initiatives in Field Services, IT, Professional Services, MSP vendor relations.
Company-wide committee facilitation including planning, production and staff. Assures that the organization and its mission, programs, and services are consistently presented in a strong, positive image. Promotes a culture that reflects the organization’s values, encourages good performance, and rewards productivity.
Actively advocates for the organization, its beliefs, and its programmatic efforts. Acts as a liaison between the organization and the community, building relationships with peer organizations when appropriate. Oversees design, delivery, and quality of MSP programs and services. Collaborate to define and articulate the organization’s vision and to develop strategies for achieving that vision.
Speaker
Tamar Bar Ilan
Co-founder & CTO
Cyera US Inc.
Tamar Bar-Ilan is the Co-Founder and CTO of Cyera. Upon graduating from the IDF's prestigious Talpiot Leadership Academy, Tamar entered into its elite cyber Unit 8200 where he built and ran the unit's cloud security division. As Israel’s National Security Agency, Unit 8200 was tasked with addressing advanced cyber threats by developing new processes and technologies. This experience allowed Tamar to hone his technical and practical expertise, and experience firsthand the unique challenges of securing data in the cloud. This experience inspired Tamar - and long-time friend Yotam Segev - to found Cyera in 2021. As CTO, Tamar guides Cyera’s deep commitment to understand and protect data by developing advanced technology and tools through customer-inspired innovation.
Speaker
Scot Miller
SVP & CISO
Mr. Cooper
Scot Miller, CISSP, CISM, is the Senior Vice
President and Chief Information Security Officer
for Mr. Cooper Group. He serves on the Dallas
CISO Board, has presented on advances in
Information Security and Technology Governance
at consortiums in Florida, Texas, New York,
Arizona, and Connecticut, and has been quoted in
national magazines and other industry
symposiums. Scot built high performing Security
and Operations teams from the ground up, and
over the past few years, brought Mr. Cooper’s
Identity Governance and Compliance teams to a new level. The supporting projects
won the 2021 Cybersecurity Team of the Year and CSO50 Award from a pool of
national and international candidates for innovation, agility, and meaningful
impact on a business.
Scot’s team is responsible for identifying, analyzing, and reducing risk for all Mr.
Cooper’s Group business entities. Previous to his duty at the Mortgage Servicing
institution, he was CISO for HMS (a Texas based Healthcare Information Services
organization), Head of Global IT Security for Alcon Laboratories, and Chief Security
Architect at MassMutual Financial Group. Scot was also the VP and CTO for the CT
chapter of ISSA.
Speaker
Brian Mork
CISO
Trinity Industries
Security and technology executive with a passion for and expertise in information security and risk management. Has worked across the entire security spectrum, including intelligence collection, penetration testing, software development, documentation, governance, compliance, physical security, system administration, digital forensics/incident response, and social engineering. Specializes in security and corporate security culture transformation.
Among other things, I'm a:
- Developer, trainer, and mentor of junior information security personnel
- Technology enthusiast focused on using technology to improve the world
- Frequent speaker at security conferences
- Frequent speaker at hacker conferences
- Co-Founder, Team Cryptolingus
- Co-Founder, Pittsburgh Hacker’s Association
- Advocate for Hacking Is Not A Crime (#HINAC)
Past Work:
- CISO of a Fortune 500/S&P 500 multinational company with 30+ manufacturing operations worldwide
- Internal corporate consultant on all aspects of information security to CIO level
- Lead security engineer over 8 personnel for $30M+ of DOD programs, responsible for systems integration, design, implementation, evaluation, and acceptance
- Embedded security consultant with a Fortune 10 customer's executive information security leadership
- Principal systems engineer focused on Linux/Unix hardening, network engineering, and OS and application hardening for IC assets
- Developed and authored numerous security tools
- Software developer
Speaker
Nick Sims
Head of IT - Structural Heart
Abbott
Together With:
2:20 PM-2:55 PM
Keynote
Application Security in a DevOps, Cloud and API World
Security teams are challenged to modernize application security practices in light of accelerating shifts to DevOps delivery models and rapid adoption of cloud-native application designs. Applications built on microservices (e.g. serverless, containers, APIs) and delivered continuously are outpacing application security teams ability to secure them. CISOs need to consider new skills, new touch points and new platforms to maintain a strong security posture in light of these trends and the speed at which they are re-shaping IT.
Panelists
2:55 PM-3:15 PM
Networking Break
3:15 PM-3:50 PM
Keynote
Cloud Detection & Response (CDR): Putting yourself in the shoes of a threat actor.
Today, threat actors have become cloud security experts. Their tactics, techniques, and procedures have evolved more quickly than we think. In this presentation, we’ll take you down the road on how threat actors think and show you have easy it is for them to abuse APIs in your cloud environment to achieve their desired outcome — privilege escalation; data exfiltration; ransomware, etc. We’ll also show you how to think like them.
Panelists
Speaker
Andre Rall
Head of Cloud Security
Uptycs
Together With:
3:40 PM-3:55 PM
Disruptor
Native Vs. Open: Choosing the right XDR for your organization
Extended Detection and Response (XDR) continues to be one of the most discussed technologies in cybersecurity. XDR promises far better security outcomes at a lower cost than the current security stack approaches most that most larger enterprises currently have in place. One sticky point that keeps arising in the XDR discussion has to do with the different technology approaches XDR providers rely upon to deliver platform capabilities. Most of us have heard the two primary approaches mentioned – Native XDR and Open XDR – but may be confused by all the vendor and analyst messaging. Join our discussion for an overview of these XDR approaches to better understand the benefits and shortcomings of each to help determine which option is better for your organization.
Panelists
Speaker
Royi Barnea
Head of Channel Sales US
Cynet
Together With:
3:55 PM-4:10 PM
Networking Break
4:10 PM-5:05 PM
Panel
Bridging the Gap Between IT and the Business
Bridging the gap between business and technology is not easy and requires discipline and balance between technology, people, and the business. For so many organizations today, technology is the business. Technology needs to be understood as a critical enabler in every part of the organization from the front line to the back office. It creates new value by crunching data to deliver new insights, it spurs innovation, and it disrupts traditional business models.
For business and technology leaders alike, new actions and behavioral changes can help their organizations make this shift. CIOs must take responsibility for problems, they should convey that when technology fails, many people typically share responsibility.
Panelists
Chair
Ibrahim Jackson
Founder
Ubiquitous Preferred Services
Ibrahim works with technology, human resource, and other business leaders to develop, upskill, and retool teams of people for next practice leadership in a changing world of work. By providing workshops, coaching, and consulting, with a team of industry experienced professionals, to large-scale enterprises and government agencies, employees are prepared for future opportunities today. Our underpinning Digital Professional Framework governs our people transformation programs with a focus on four key areas:
1. Digital Depth 📱
2. Business Acumen đź“Š
3. Interpersonal Skills 🤝
4. Social Impact 🌎
Whether transformation, modernization, evolution, or restructuring, all of these changes have a basis for moving the organization forward. Leaders are trusted and relied upon to bring sustainable change to successful completion using competence, appropriate practices, skills, behaviors, and mental models to galvanize people and achieve sustainable change, continuous improvement, and make the most significant impact, so their organization realizes optimal value.
TRAINING
Our focus on digital and leadership attracts technology leaders and human resource executives working on developing people that need to be ready to lead in an era of emerging technology and where business models are expanding and evolving. We provide standard training, bespoke modules customized to the needs of the organization, modules tailored to the specific business objectives of the organization, and on-demand modules. Our learning journeys are immersive, experiential, and applicable to the particular business challenges our clients have.
COACHING
While many challenges and opportunities across organizations may be similar, their specific context, focus area, and goals are often unique. Having a coach or executive coach that can be an extension of your brain trust often leads to better decision making, improved results, and career elevation. We use a variety of coaching and group coaching models that help our clients excel at the aforementioned.
CONSULTING
By pairing our client's institutional knowledge with our broad range of expertise from across many industries, we help leaders tackle today's problems so that they achieve a competitive advantage on their journey towards making a material difference in their business. We perform simple to complex assessments, primary and secondary research, and strategy development where and when needed. When working with us, we own your problem, allowing you to capitalize on the solution's rewards.
Speaker
Brian Brown
CISO
Solis Security Inc
Speaker
Brim Basom
CIO & CTO
Mothers Against Drunk Driving (MADD)
Speaker
Nick Sims
Head of IT - Structural Heart
Abbott
Speaker
Robert Smith
Field CISO
Noname Security
Information Technology Leader with a focus on Security, Architecture and Operations. Experienced in regulatory compliances & security frameworks: HIPAA, PCI, SOX, COBIT, ISO, NIST, SANS20. Consistently leading strategic planning, policy development and day-to-day operations of information security function in close coordination with all corporate departments aligned with corporate vision. Proficient in target enumeration, vulnerability assessments, risk analysis and management, open source intelligence gathering, social engineering, IDS/IPS and SIEM tools.
5:10 PM-5:25 PM
Disruptor
5 Steps to Securing Identity and Access for Everything in the Cloud
Identity and Access are under attack. The only way to protect the identity layer from risks and threats is to continuously monitor identities, assets, access privileges, and activities across cloud environments.
Join Authomize Director of Sales Engineering David Bullas, to learn about the 5 steps you need to take to ensure that your Cloud Identity and Access is secure and in compliance with standards and regulations. The session will review how security teams detect and mitigate Identity and Access risks such as:
- Excessive Access exposing what you build in AWS
- Identity lifecycle risks including partial offboarding
- IdP risks including password stealing and user impersonation
Panelists
Together With:
5:25 PM-5:30 PM
Closing Remarks
5:30 PM-6:30 PM
Cocktail Hour
Together With
