The CISO Playbook for Measurably Reducing Cyber Risk

Presented by

Tony Velleca, CEO of CyberProof and Howard Silverman, Head of Marketing at CyberProof

About this talk

Organizations have been forced – practically overnight – into remote workforce business models, expanding attack surfaces, and the growing complexity of cyber-attack techniques. As CISOs, we need to turn the dial from investing in point prevention solutions and trying to articulate what the value is afterwards - to identifying the business risks we need to mitigate first and then focusing on the primary attack scenarios that could cause those risks to happen. For organizations to defend themselves against an ever-changing threat landscape requires leveraging an Agile detection and response framework as a preventative control, while leveraging readily available tools like MITRE ATT&CK, NIST, and others. While cyber threats are growing, the skills gap is getting worse, yet the average cyber-security budget is staying the same. So, how do organizations do more with less? What You Will Learn About · Demonstrating security KPIs instead of SLAs · Using the MITRE ATT&CK framework to improve cyber defense · Assessing your security portfolio from a risk perspective · Developing a use case factory that allows you to optimize detection & response · Implementing a hybrid model that improves flexibility in resource allocation · Applying an Agile methodology to stay ahead in a changing threat landscape
Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (54)
Subscribers (6095)
CyberProof is a security services company that intelligently manages your incident detection and response. Our solution provides complete transparency and dramatically reduces the cost and time needed to respond to security threats and minimize business impact. SeeMo, our virtual analyst, together with our experts and your team automates and accelerates cyber operations by learning and adapting from endless sources of data and responds to requests by providing context and actionable information. This allows our nation-state cyber experts to prioritize the most urgent incidents and proactively identify and respond to potential threats. We collaborate with our global clients, academia and the technology ecosystem to continuously advance the art of cyber defense.