Name: Succeeding as a CISO in 2021
Start: 2021-02-17T17:00:00Z
End: 2021-02-17T17:01:01.000Z
Location: BrightTALK
Rating: 0

Learn all about privacy and what it means to different professionals. Discover why investing in privacy and cyber security makes business sense.

Businesses rely on AI models that transform data into actionable insights. Traditional methods for creating AI models require a lot of data that is collected at some central location. Federated Learning (FL), however, takes a different approach by turning the centralised paradigm on its head and moving models or functions to be executed to where the data is.

As a distributed process that does not require a single depository of data and where different parties can train an AI model without having to share the data, FL can be used in situations where data privacy is paramount.

This paradigm shift is also creating new opportunities to democratize AI, which has the potential to transform the data economy.

Join this month's episode of the Business Intelligence Report with Eric Topham, Co-Founder & Data Science Director at The Data Analysis Bureau, to learn more about how FL works and what opportunities it creates for consumers and enterprises.

Viewers will also hear from the experts about the different use cases for federated learning, especially in the context of customer privacy, regulatory compliance, and integrating siloed data. The topics up for discussion will include:
- The emergence of FL
- FL, the democratization of data and what this means for Big Tech
- How FL can be used as a privacy-preserving technology
- Business use cases for FL
- How FL can be part of your data strategy

Speakers 
- Dr. Pedro Baiz, Royal Society Entrepreneur in Residence at Imperial College London and Head of AI at eXate
- Max Robbins, CEO of AI Market
- Rajeshwar Bhandaru, Enterprise Data Architect at Suez

This episode is part of The Business Intelligence Report original series with Eric Topham, Co-Founder & Data Science Director at The Data Analysis Bureau. We welcome viewer participation and questions during this interactive panel session.

Federated Learning and Preserving Data Privacy

Working remotely has become the new normal. This, and many other changes organizations adopted last year in response to the pandemic are likely to stay for the long term. According to Gallup, about two-thirds of U.S. remote workers want to continue to work remotely. So, how can organizations continue to support their growing distributed workforce at a time where reports of security threats have increased by 400% compared to pre-pandemic levels? 

Here is where the zero-trust approach to security comes into play. 

Join this month's episode of The (Security) Balancing Act with Diana Kelley and guests as they discuss the emergence of zero trust (“Trust Nothing, Verify Everything”) and what it helps achieve for enterprises in the age of cloud and remote work.

Viewers will learn about:
- The evolution of the security perimeter and the shift to zero trust
- Why zero trust is an approach and not a product
- Zero Trust Network Access (ZTA) vs. corporate VPN
- Real-world stories and practical hands-on guidance from people who have deployed a ZTA

Speakers:
- Mari Galloway, CEO, Women's Society of Cyberjutsu
- Jonathan Nguyen Duy, Vice President, Global Field CISO Team, Fortinet
- Bob Rudis, Chief Data Scientist, Rapid7

This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.

Zero Trust for the New Normal

If you don’t fix your security vulnerabilities, attackers will exploit them. It’s simply a matter of who finds them first. If you fail to prove that your software is secure, your sales are at risk, too. 
 
Whether you’re a technology executive, developer, or security professional, you are responsible for securing your application. However, maybe you’re uncertain about what works, what doesn’t, how hackers exploit applications, or how much to spend. Or, maybe you think you do know, but don’t realize what you’re doing wrong.
 
To defend against attackers, you must think like them. Join Ted Harrington, author of HACKABLE: How to Do Application Security Right and learn:
- how to eradicate security vulnerabilities
- establish a threat model
- build security into the development process 

You’ll leave knowing how to build better, more secure products, gain a competitive edge, earn trust, and win sales.

This episode is part of Cyber Authors, a new series with Sushila Nair. We welcome viewer participation and questions during this interactive interview.

Cyber Authors Ep.3: How to Do Application Security Right

In the shadow of the global pandemic and the associated economic downturn, organizations are focused on cost optimization, which often leads to impulsive decisions to deprioritize compliance with all nonrevenue programs. 

Regulators have evolved to adapt with the notable increase in data subject complaints and are getting more serious about organizations that don’t properly protect consumer data. Marriott was hit with a $124 million fine while Equifax agreed to pay a minimum of $575 million for its breach. The US Federal Trade Commission, the US Consumer Financial Protection Bureau (CFPB), and all 50 U.S. states and territories sued over the company’s failure to take “reasonable steps” to secure its sensitive personal data.
 
Privacy and data protection are enforced by a growing number of regulations around the world and people are actively demanding privacy protection — and legislators are reacting. More than 60 countries have introduced privacy laws in response to citizens’ cry for transparency and control. By 2023, 65% of the world’s population will have its personal information covered under modern privacy regulations, up from 10% today, according to Gartner. There is a convergence of data privacy principles, standards and regulations on a common set of fundamental principles.

The opportunities to use data are growing exponentially, but so too are the business and financial risks as the number of data protection and privacy regulations grows internationally.

Join this webinar to learn more about:
- Trends in modern privacy regulations
- The impact on organizations to protect and use sensitive data
- Data privacy principles
- The impact of General Data Protection Regulation (GDPR) and data transfer between US and EU
- The evolving CCPA, the new PCI DSS version 4 and new international data privacy laws or regulations
- Data privacy best practices, use cases and how to control sensitive personal data throughout the data life cycle

New Opportunities & Business Risks with Evolving Privacy Regulations

The 2020 US presidential election is behind us, but the key cybersecurity issues surrounding election integrity could linger for years to come. From ransomware attacks on local governments, to the untamed spread of disinformation, to experimenting with online voting apps and the myriad of vulnerabilities uncovered across election infrastructures, cybersecurity had never before taken such a central place in the national conversation as it did in 2020.
  
So, what have we learned in the aftermath? And how can we apply it to better protect upcoming elections as well as enterprises, customers and employees?

Join this interactive panel with security experts and tech leaders to learn the biggest lessons from the election from a cybersecurity and privacy standpoint. Discover what went down, what could have gone better and how to prepare for the midterm elections in 2022.

- Can we build a hack-free election
- Does misinformation on social sites impact how people vote and what can be done to stop the spread
- What was new this time and what should security leaders keep in mind for their organizations
- Would it be safer if we brought the voting process online or in app
- Can nation state actors change voter rolls or polling data
- What the biggest election threats mean for industry
- Key takeaways for cybersecurity leaders

Panelists:
- Jim Richberg, Public Sector Field CISO at Fortinet
- W. Curtis Preston, Chief Technical Evangelist, Druva

This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.

Election Takeaways for Cybersecurity Leaders

The sky is blue, water is wet, and data privacy is a principle vital for everyone to understand.  

Privacy professionals undoubtedly agree on all three but would love to see more consensus on the last one nationwide. That’s why leaders at the U.S. National Cyber Security Alliance and others are starting the drumbeat this year for a full week dedicated to data privacy in 2021. 

Join NCSA Executive Director Kelvin Coleman, Uber Chief Privacy Officer Ruby Zefo, CIPP/US, CIPM, FIP, and MediaPRO Chief Strategist Lisa Plaggemier for a panel discussion co-presented with the IAPP making the case for a full Data Privacy Week to augment the planned Data Privacy Day, 28 January 2021.  

What you'll learn: 
• Why more focus on data privacy is vital.
• The connection between cybersecurity and data privacy.
• Ideas for starting a Data Privacy Week at your organization.

Toward a Data Privacy Week: Something We Can All Agree On

This session is Part 10 of the PCI Dream Team series on BrightTALK.

Our panelists are some of the top PCI QSA’s in the country, with decades of combined PCI and card processing experiences. They’ve seen it all: the good, bad and ugly; and lived to tell the tale.

Join Ben Rothke, David Mundhenk, Arthur Cooper, and Jeff Hall for an interactive Q&A session, and get answers to your most vexing PCI questions. No PCI question is out of bounds.

All PCI and NOTHING about PCI DSS v4

Companies need immediate rethink on transfer data to the United States since the Privacy Shield transatlantic pact is declared invalid. The Court of Justice of the European Union found that the Privacy Shield does not meet the GPDR requirements and cannot ensure a level of protection. 

We will discuss how to achieve compliant pseudonymization, including protecting not only direct identifiers but also indirect identifiers and additional attributes, while still preserving the data’s utility for its intended use.  

We will also discuss different international privacy standards, the new Schrems II, clarify pseudonymization and other data privacy techniques. 

We will also discuss
• Data privacy and working remotely
• That GDPR does not apply to data that is no longer identifiable
• Pseudonymization used nationally, as well as for trans-border communication
• Pseudonymization use cases for privacy protection of personal health information
• Re-identification attacks, full and partial
• Extracting new information out of an anonymous or pseudonymous database through re-identification
• Linkage mechanisms
• The data de-classification process and workflow
• Pseudonymization services best practices and trustworthy practices for operations 
• Policy framework for operation of pseudonymization services
• When to use pseudonymization and/or anonymization

How To De-classify Data and Rethink Transfer of Data between US and EU

An increased awareness about privacy issues among individuals. In many countries, databases containing personal, medical or financial information about individuals are classified as sensitive and the corresponding laws specify who can collect and process sensitive information about a person. The financial services industry has rich sources of confidential financial datasets which are vital for gaining significant insights.

However, the use of this data requires navigating a minefield of private client information as well as sharing data between independent financial institutions, to create a statistically significant dataset. A major challenge that many organizations faces, is how to address data privacy regulations such as CCPA, GDPR and other emerging regulations around the world, including data residency controls as well as enable data sharing in a secure and private fashion.

We will present solutions that can reduce and remove the legal, risk and compliance processes normally associated with data sharing projects by allowing organizations to collaborate across divisions, with other organizations and across jurisdictions where data cannot be relocated or shared. We will review solutions that are driving faster time to insight by the use of different techniques for privacy-preserving computing including k-anonymity and differential privacy. We will discuss multi-party computation where the data donors want to securely aggregate data without revealing their private inputs. We will also review industry standards, implementations, key management and case studies for hybrid cloud (Amazon AWS, MS Azure and Google Cloud) and on-premises.

Privacy-Preserving Computing and Secure Multi Party Computation

Is your organization aware of the main differences in data regulations around the world?

Join this panel of industry leaders for an interactive Q&A roundtable to get a comprehensive look into the different data privacy and security requirements. The panel will also discuss what to expect in 2020 and beyond.

Viewers will learn more about:
- What's new on the data privacy and compliance landscape
- Main differences between data regulations around the world and what this means for your organization
- Expert recommendations regarding best tools and practices for achieving and maintaining compliance
- The future of data privacy
- What to expect in 2020 and beyond

Mali Yared, Practice Director, Cybersecurity and Privacy, Coalfire (Moderator)
Robert Razavi, Senior Security Architect CTO Office, IBM Canada
Baber Amin, CTO West, Ping Identity
Lori Robinson, Sr. Director, Product & Market Strategy, SailPoint
Elliot Dellys, Director, Strategic Consulting, Trustwave

Data Privacy in 2020 and Beyond

May 2020 marks the 2nd anniversary since EU's General Data Protection Regulation (GDPR) came into effect. How has the world of regulations changed in the last two years, and what else can we expect on the privacy and compliance landscape?

Join the PCI Dream Team as they celebrate GDPR's 2nd birthday - while social distancing from home - with a fun and insightful Q&A discussion on all things GDPR, CCPA & PCI DSS.

Grab a seat, eat some cake and bring us your toughest compliance-related questions.

Our panelists are some of the top PCI QSA’s in the country, with decades of combined PCI and card processing experiences. They’ve seen it all: the good, bad and ugly; and lived to tell the tale.

The PCI Dream Team Celebrates GDPR's 2nd Anniversary

In the fight against COVID-19, countries are taking urgent actions to address the crisis. Some are turning to tech to find solutions for containing the spread of the virus. Digital contact tracing, in particular, is gaining a lot of traction. For example, Apple and Google recently announced a rare collaboration to jointly facilitate contact tracing within their mobile platforms for public health monitoring applications.
So, what does this mean for privacy? 
While some efforts are being made to preserve user privacy, like not tracking user location or collecting other identifying information, digital contact tracing can still reveal more user information than necessary.

Join this panel of security and privacy experts lead by Chenxi Wang to learn more about the different implications associated with digital contact tracing, how it is being used around the world, and the long-term effects of COVID-rushed decisions.

Speakers:
- Chenxi Wang, Founder & General Partner of Rain Capital
- Vishwanath Raman, Lead, Privacy Technologies, Oasis Labs
- Michelle Dennedy, CEO Drumwave
- Tom Pendergast, Chief Learning Officer, MediaPRO

Privacy in the Time of COVID

In Singapore, the Government launched an app using short-distance Bluetooth signals to connect one phone using the app with another user who is close by. It stores detailed records on a user's phone for 21 days decrypt the data if there is a public health risk related to an individual's movements.

China used a similar method to track a person's health status and to control movement in cities with high numbers of coronavirus cases. Individuals had to use the app and share their status to be able to access public transportation.

The keys to addressing privacy concerns about high-tech surveillance by the state is de-identifying the data and giving individuals control over their own data. Personal details that may reveal your identity such as a user's name should not be collected or should be protected with access to be granted for only specific health purposes, and data should be deleted after its specific use is no longer needed.

We will discuss how to protect privacy sensitive data that is collected to control the coronavirus outbreak.

Coronavirus & Surveillance: How To Protect Privacy Sensitive Data

Remote work is quickly becoming the new normal and criminals are taking advantage of this chaotic situation.

The EU Agency for Cybersecurity's providing guidance for the huge increases in the number of people working remotely, using tele-health it is vital that we also take care of our cyber hygiene.

Viewers will learn more about:
- How to use encryption, controlling new storage of regulated data and data sharing in this new situation.
- Anonymization leaves personal data open to re-identification, which exposes firms to GDPR non-compliance risks.
- How are the HIPAA rules changing in this situation?
- GDPR prescribing pseudonymization and how is that work.
- How is CCPA changing the rules?
- How to secure wi-fi connections preventing snooping of your traffic and fully updated anti-virus and security software, also on mobile phones. 
- How important files can be backed up remote or locally. In a worst case scenario, staff could fall foul of ransomware for instance.
- What apps are secure to use in this new era?
- Should we use MFA, PW managers or local PW management?
 
We will also discuss how to use the CERT-EU News Monitor to stay updated on the latest threats and check the following basics.

Data Protection & Privacy During the Coronavirus Pandemic

This month's episode of The (Security) Balancing Act will look at how the CISO role has evolved in the last few years, what today's expectations are and what it takes to succeed as a CISO. 

Some of the topics to be covered during this roundtable discussion with security and tech leaders include:
- How has the CISO role evolved over the last few years and what is expected of CISOs in 2021?
- CISO vs BISO 
- How to see ROI on your cybersecurity investment?
- How to get the business to understand risk and care about security? 
- How to keep cyber employees happy. The churn is exhausting and costly for companies, and it’s exacerbated by employee burnout and a “grass is greener” approach. 

Panelists
- Patricia Titus, Chief Privacy and Information Security Officer, Markel Corporation
- Jonathan Nguyen-Duy, Vice President, Global Field CISO Team at Fortinet
- Gerald Mancini, Chief Operating Officer of Fidelis Security

This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.

Succeeding as a CISO in 2021

CISO

Security Strategy

Burnout

Cybersecurity Investment

Board Security

Risk Management

Security Policy

Security Culture

Security Operations

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Succeeding as a CISO in 2021

Presented by

About this talk

More from this channel