How to Build in Flexibility to Create a More Effective Security Strategy

If the past year has taught us anything, it's that what we put on paper doesn't always pan out. Cybersecurity professionals know that a security strategy can quickly turn into projects with many twists, turns, roadblocks and surprises. We’ve invited two seasoned CISOs to get their take on how to navigate the challenges of making things happen in the day-to-day of this fast-paced industry, and how to build in flexibility for the unknown surprises along the way.

Expect answers to questions like:

-Can you plan an effective security strategy for the unknown?
-What parts of planning do you have to get right to reduce issues during execution?
-What tips have served you well in your career to stay on top of disruptions?
-How do you keep your team motivated when blockers just keep coming?
Recorded Jun 3 2021 59 mins
Presented by
Ray Espinoza, Dr. Emmanuel Adu and Jack Roehrig
  • Not All Risks are Equal - Why Context Matters in Cloud Security Nov 8 2021 7:30 pm UTC 30 mins
    Patrick Pushor
    The promise of adding new security tools and capabilities to your security operations efforts is more intelligence with which to make better-informed decisions, but do they deliver on that promise? If your SOC team receives hundreds of "high priority" alerts every day, should they even trust that risk score? An overwhelming number of alerts desensitizes the very people tasked with responding to them, leading to missed or ignored alerts or delayed responses. In this session we will discuss our best strategies in the fight against alert fatigue and how to rebuild trust in security intelligence.
  • Top Infosec Practices for Continuous Compliance Nov 1 2021 6:30 pm UTC 13 mins
    Patrick Murray
    In this lightning talk, Patrick Murray, Chief Product Officer at Tugboat Logic, shares expert tips that will help you off-load your team, avoid audit delays and ensure you are always compliant.
  • Day in the Life of a CISO: Cybersecurity in the Age of COVID Oct 25 2021 6:30 pm UTC 44 mins
    Chris Cervais and Vanessa Pegueros
    Hear from current CISOs as they discuss the demands and challenges of their roles, in a profession where the only constant is change. The global pandemic has complicated things even more, resulting in a highly remote workforce, shifts in business models (including the rapid rollout of digital services), multiple new cyber threats, and an overall climate of uncertainty.
  • CISO Series: Vendor Security Relationship Podcast Live Recording Oct 20 2021 6:30 pm UTC 45 mins
    David Spark, Mike Johnson and Mark Eggleston
    David Spark will be joined by Health Partners CISO Mike Eggleston for a new, live episode of the CISO Series/Vendor Security Relationship Podcast. Think of it as couples therapy for security practitioners. In this episode, David will challenge Mark and listeners to critique, share true stories, and reveal, in hypothetical scenarios, “what would you do?”
  • CISOs Assemble: Shaping a Security Strategy Oct 18 2021 6:30 pm UTC 45 mins
    Ray Espinoza and Henning Christiansen
    “So how will security level up this year?” This is a question every security leader faces, regardless of whether they work at a growing startup or a long-established organization. Having a clear answer amid unprecedented uncertainty, cost pressures and customer expectations can truly be a heroic feat. In this session, Cobalt’s own CISO will draw upon his years of experience managing infosec programs at eBay, Workday, Amazon, and Cisco, among others. He’ll be joined by Henning Christiansen, CISO at Axel Springer, to provide additional perspective from security professionals “in the trenches.”
  • Pentester Panel: Lessons from the Frontlines Oct 13 2021 6:30 pm UTC 43 mins
    Jon Helmus, Dan Beavin, Aditya Agrawal, and Stefan Nicula
    This panel takes you inside the mind of a pentester. We’ve gathered some of the top members of the Cobalt Core (our closed community of skilled pentester talent from around the world) in order to pick their brains and surface key learnings gleaned from years of testing. Attendees will learn what makes a pentester tick, insider strategies for getting the most out of your pentest engagement, and insight on go-to vulnerabilities.
  • Building Resilience in Infosec: Lessons Learned From Military Experience Oct 12 2021 6:00 pm UTC 38 mins
    Andy Ellis, Nicole Ford, David Cross, and Britney Hommertzheim
    The military offers a sterling example of leadership in crisis situations. When a breach happens, pressure escalates and split-second decisions determine survival or disaster. No one can be fully prepared for the unknown, but there are methods to build up resilience in both ourselves and our teams. What better group to turn to for advice than security leaders who have worked on the front lines of risk and uncertainty?
  • SaaStock Sessions: 6 Steps to Building a Pentest Program for SOC 2 Compliance Oct 1 2021 3:00 pm UTC 41 mins
    Alex Jones and Rory McEntee
    Welcome to SaaStock Sessions: 6 Steps to Building a Pentest Program for SOC 2 Compliance

    SOC 2’s COSO Principle 16 requires companies to select, develop, and perform ongoing and/or separate evaluations to test their security controls. Pentesting is an effective solution to this point, because it uncovers complex and chained exploits your scanners might have missed. What’s more, pentests can be standardized and linked into a formal program that systematically stress tests your systems monthly, quarterly, or as often as you need.


    But how do you set up a pentest program for SOC 2 compliance? That’s the question we’ve raised to Alex Jones, Information Security Manager at Cobalt, and Rory McEntee — Director of Application Security at SpringCM, a DocuSign company. In this webinar, you can expect to learn more from them about:


    ● The value of a pentest program, particularly in achieving SOC 2 compliance;
    ● How to set one up, from picking the right assets to deciding on how often to test;
    ● How a pentest program can help you prepare for SOC 2 audits;

    We'll finish up with a 20-minute networking session. Just jump into the networking area to get automatically matched with another attendee at random for a short speed-networking chat.
  • Webinar: The State of Pentesting Report Recorded: Sep 13 2021 48 mins
    Jay Paz, Director of Pentest Operations and Research at Cobalt, and Robert Kugler, Manager of Research at Cobalt
    Learn which findings came up most frequently from 1600+ pentests and how teams can respond to them. Jay Paz, Director of Pentest Operations and Research at Cobalt, and Robert Kugler, Manager of Research at Cobalt, will explore the most widespread vulnerabilities identified in the report and the setbacks that keep teams from preventing them.

    Expect to Learn More About:
    -How the most common vulnerabilities manifest in different applications
    -What their business impact could be
    -How to effectively fix these issues
    -What teams can do to prevent them earlier in the SDLC
  • How to Stay Audit Ready & Bolster Your ISO 27001 Compliance Readiness Recorded: Jul 27 2021 60 mins
    Alex Jones, Luke Doherty, Carman Kwong, and Jitendra Juthani
    Becoming ISO 27001 compliant is a by-product of a solid security program. However, the journey to get there can be grueling. Is your team prepared?
    While establishing such a program can be challenging, it doesn’t have to be. We're teaming up with Tugboat Logic for a webinar on how to prepare for and maintain ISO 27001 by scaling your security program with an automated approach.
  • An Interactive Pentest Experience Recorded: May 27 2021 62 mins
    Naz Bozdemir and Matt Bromiley
    Finding value in security operations is a primary goal for organizations. Consistent testing of security controls is one way to ensure that solutions are delivering on expectations. However, penetration testing is often thought of as an "external" or "hands-off" service, which reduces its impact and findings to a final report. What if organizations could turn external testing into an interactive experience they could use to regularly evaluate and increase their security posture?

    In this webcast, SANS instructor Matt Bromiley describes how Cobalt's "pentest as a service" platform provides a unique, hands-on approach to this traditional security capability.

    Specifically, Bromiley shares his experiences using Cobalt to:

    -Define assets and schedule penetration tests to achieve results within a matter of days, not weeks.
    -Gain insights into current and previous operations by using detailed key metrics.
    -Work one-on-one with Cobalt's live testers, providing an impactful, interactive experience.
    -Evaluate the results of penetration tests via up-to-date reports purposed for compliance.
    -Create and prioritize actionable steps to quickly remediate vulnerabilities.
Modern pentesting for security and development teams.
Cobalt’s Pentest as a Service (PtaaS) platform is modernizing traditional pentesting. By combining a SaaS platform with an exclusive community of testers, we deliver the real-time insights you need to remediate risk quickly and innovate securely. More than 800 organizations rely on Cobalt for their pentesting program needs. Customers include MuleSoft, GoDaddy, Verifone, HubSpot, PaloAlto, Cengage, Pendo, Axel Springer, and Credit Karma. To learn more about Cobalt, please visit http://cobalt.io.

  • Title: How to Build in Flexibility to Create a More Effective Security Strategy
  • Live at: Jun 3 2021 5:00 pm
  • Presented by: Ray Espinoza, Dr. Emmanuel Adu and Jack Roehrig