Name: From Inside the House: Tackling Intentional & Unintentional Insider Threats
Start: 2023-07-18T16:00:00Z
End: 2023-07-18T16:00:47.000Z
Location: BrightTALK
Rating: 4.4

Today’s security leaders are busy managing the increasingly complicated relationship between security and privacy. As the CISO role evolves, they're not only security leaders but strategists and negotiators, often working to keep other employees safe while ensuring their cybersecurity plans align with business goals. In this series we’ll highlight security trends and share insights from industry thought leaders on cyber security strategies, best practices, and important compliance regulations. 

High-profile global events are prime targets for sophisticated cyber attacks, and it doesn’t get much bigger than the Olympics. 

This timely webinar examines the evolving tactics and techniques employed by bad actors targeting high-profile tournaments, summits, concerts and more.

Key discussion points will include:

- An examination of potential attack patterns 
- Attack sophistication, from basic DDoS to complex multi-vector operations
- How resilient security architectures are designed for temporary, high-visibility environments
- Effective threat intelligence sharing among international stakeholders
- Balancing security controls with operational requirements and user experience
- Practical approaches to preparing for potential incidents under intense public scrutiny

Join Dan, Earl and their panel of seasoned security leaders for this month’s episode of CISO Insights to learn more.

Cyberattacks on Global Events: An Olympic-Size Primer

As generative AI tools become increasingly accessible, organizations face critical security challenges when employees adopt personal AI solutions for workplace tasks. This month’s episode of CISO Insights sees Dan, Earl and guests examine the complex security, compliance, and governance implications of the emerging "Bring Your Own AI" trend.

Key discussion points will include:
- Identifying data exposure vulnerabilities when using consumer AI platforms
- Evaluating potential intellectual property and confidentiality breaches
- Developing effective BYOAI policies that balance innovation with protection
- Implementing technical controls without stifling productivity
- Creating awareness programs that address shadow AI usage
- Real-world examples of successful BYOAI governance frameworks
- Conducting comprehensive risk assessments of employee AI tool usage
- Techniques for detecting and managing unauthorized AI adoption
- Approaches for educating employees about AI security risks without creating fear

Join our expert panel as they navigate the complex landscape of AI governance and provide actionable insights for security leaders seeking to harness AI's benefits while protecting their organization's most valuable assets.

Secure Bots: Can You Safely Bring Your Own AI (BYOAI)?

In today's rapidly evolving threat landscape, the Chief Information Security Officer's role has undergone dramatic transformation. This month’s CISO Insights episode explores how the CISO position has evolved beyond traditional security management into a strategic business function with expanded responsibilities and challenges.

Key discussion points will include:
- The expanding scope of CISO responsibilities in 2025
- Balancing security imperatives with business innovation demands
- Managing board-level expectations and communication
- Predictions for the next evolution of the CISO role
- Addressing the cybersecurity talent shortage effectively
- Strategies for maintaining relevance in AI-driven security environments
- Building resilient security cultures across distributed organizations

Join our panel of veteran security leaders as they share candid insights about the changing dynamics of the CISO position, offering practical wisdom for both established security executives and those aspiring to the role.

The Changing Role of the CISO — for Better or Worse

Join CISO Insights hosts Dan Lohrmann and Earl Duby on stage as they summarize the 10th annual Cyber-Physical Systems Security Summit (CPS3), which was held May 13-14, 2025. 

The summit's goals were to drive discussion on major emerging cyber-physical security challenges affecting the military and critical assets for both national defense and homeland security. In this panel discussion, Dan and Earl are joined by experts who address both the problems and possible solutions to some of the hardest cybersecurity challenges facing the US today. 

Guest speakers include:
- Cherri Caddy, Former Deputy Assistant, National Cyber Director, White House
- Jeff Walthers, CEO, American Cybersecurity Group
- Jennifer Tisdale, Founder, Secure Vision Consulting LLC

From the stage: CISO Insights hosts recap the Cyber-Physical Systems Security Summit (CPS3)

Our world is becoming increasingly digitized and automated, from the cars we drive to the energy we use. Introducing technology to previously-manual processes can bring efficiency and greater ease of use, but it also opens up new risk areas. If the technology fails, access to critical utilities could be lost – to devastating effect. We are already seeing challenges with the water supply in many areas of the United States; hindering public access to water through technical issues only compounds an existing problem. Access to safe water must be protected, but how can we do this?

It’s not just technical error that can cause problems; more concerning is the ability for cybercriminals to target these municipal services, as a way to disable an entire geographical area. One of the most precious resources to secure in this new landscape must be water. So how can this utility and others be protected?

In the June episode of CISO Insights, hosts Dan and Earl will be joined by a panel of experts to break down what it will take to keep the water safe and ensure access to our most critical utilities.

Securing Utilities and Keeping the Water Safe

Technology continues to be one of the most exciting sectors for young professionals to enter and for veterans to conquer – but the rules are constantly changing. What was true for the class of 2022 is no longer true for today’s graduates, let alone those who entered the market a few years before. And what about those who have been in the industry for a while now, but are still unsure about the next step in their career? As companies invest in new technology areas and prioritize different programs, the roles they need and the jobs they are hiring for also change. 

It is reported that there are approximately 3 million cyber jobs available, but what do those roles actually entail? Who is hiring and which segments are seeing the most professional opportunity? How can current professionals adapt to this shifting industry and position themselves for years of future success?

Join Dan Lohrmann and Earl Duby in this latest episode of CISO Insights, as they are joined by a panel of industry experts to reflect on the current state of cybersecurity jobs.

Where Are the 3 Million Cyber Jobs? Cyber Careers & Your Next Tech Role

Since Elon Musk’s DOGE was formed, the Cybersecurity and Infrastructure Agency (CISA) has been gutted and top CISOs from numerous agencies have been fired. A further 32 (and counting) cybersec contracts with the CFPB have also been cancelled.

What do these unprecedented moves mean for the cyber safety of the USA’s citizens and its national security?

Join cybersec experts Dan Lohrmann and Earl Duby as they speak to guests about:

- DOGE's current cybersecurity setup following the changes made 
- How not having cybersecurity as top of mind can open the door to insider threats, foreign intelligence services and cyber criminals
- What's next: potential impacts from hacks, fraud, and privacy breaches
- And more

The DOGE-effect on Cyber: What's happened and what's next?

Ransomware is a constant thorn in the side of CISOs everywhere. No matter how we adapt our security measures, these cybercriminals are similarly devoted to finding a way through and causing grievous harm. It can feel like running on a hamster wheel, but it is imperative that cybersecurity teams don’t become complacent or fall into a false sense of security. In 2025, ransomware must be taken as seriously as in the years before.

Cybercriminals have more advanced weapons but modern CISOs can be equally well-equipped. The key is to keep evolving. In this new world of ransomware, of ransomware 3.0, what does it take to stop a cyber attack in its tracks? How can IT teams safeguard their operations from the most persistent and dangerous criminals? Can anything truly stop these bad actors?

Join Dan, Earl and their panel of guests to deep dive into the current state of ransomware, pinpoint how it’s changed in 2025 and learn what security teams can do to stay one step ahead.

Ransomware 3.0: Can Anything Stop These Bad Actors?

It has never been easier to spread information across our interconnected world, but with information comes disinformation. The advancement of generative AI and its increasing accessibility are making it hard to tell truth from fiction on the internet – and this will only become more challenging as the tools improve. Even the most discerning netizens can find themselves falling for deepfakes and disinformation, especially when the sheer volume of material makes fact checking a mammoth task.

What is the role of governance in this new environment? Is it the responsibility of our institutions to enact laws and bans to control the spread of disinformation, or should we be taking this on as individuals? What does it mean for the internet if we cannot trust what we find there to be real? 

In this episode of CISO Insights, hosts Dan and Earl will be joined by an expert panel to look at what practically can be done to combat deepfakes and disinformation – and ask what should be done.

Deepfakes and Disinformation: Will Laws and Bans Stop the Flow?

The cybersecurity landscape is constantly evolving and no one can truly know what lies ahead… but we can make informed predictions about the industry in 2025. Those who have a good sense of what’s around the corner will be better prepared to respond to arising challenges – and opportunities. The key is to pay attention to the right data and the right industry experts.

The predictions market is about more than looking at clear trends and buzzy innovations: The most useful ones take into account current pain points and growth areas; they analyze current global players and review the latest research on global security incident trends; and they invite the perspectives of fellow industry veterans, to collate the most comprehensive and well-developed forecast. We may not be able to pin down the future exactly, but we can come close.

Join series hosts Dan Lohrmann and Earl Duby as they open 2025 with their beloved annual predictions episode. In this conversation, the panel will look at the most exciting areas of development in cybersecurity and predict what may lie ahead, so that we all might feel more prepared for the future.

For an advance look at Dan Lohrmann's security predictions for 2025, you'll find his online post, "The Top 25 Security Predictions for 2025 (Part 1)," now linked in the attachments section.

Episode Guests:
Sravish Sridhar, CEO & Founder of TrustCloud
Tabice Ward, Cybersecurity Executive and Adjunct Lecturer at the University of Detroit Mercy

The Top 25 Security Predictions for 2025

Modern conflict increasingly centers around technology and digital infrastructure. The battlefield is no longer solely a physical stretch of terrain between territories; war is waged behind enemy lines, within their networks and inside their security systems. Cyber attacks can be hugely debilitating when launched successfully, causing widespread damage and incapacitating many functions. How can entities protect their operations from opponents, particularly in this new landscape of warfare?

Following several years of international conflict and discord, this episode will look at what we have learned about cyber warfare and what we should take with us to greater protect our digital terrain. While we cannot always avoid the battle, there are steps that can be taken to reduce the harm inflicted.

Join Dan Lohrmann, Earl Duby and their expert guests, Richard Stiennon and Michael McLaughlin, in the final CISO Insights webinar of 2024, for a thoughtful conversation around the key takeaways of cyber warfare to date.

Guest Panelists:
Richard Stiennon's impressive career in cybersecurity includes authoring two key texts on cyber warfare: "Surviving Cyberwar" (2010) and "There Will Be Cyberwar" (2015). An established leader in the field, Stiennon is also the Chief Research Analyst for IT Harvest, the industry analyst firm that he founded in 2005. His newest book is Security Yearbook 2024.
https://www.linkedin.com/in/stiennon/

Michael McLaughlin is currently the Co-Leader of the Cybersecurity & Data Privacy Practice Group and a Principal Policy Advisor at Buchanan Ingersoll & Rooney PC. His vast career history includes experience in cybersecurity, government contracting, and national security, and he authored the notable book, "Battlefield Cyber: How China and Russia are Undermining our Democracy and National Security."
https://www.linkedin.com/in/michael-g-mclaughlin/

Cyber Warfare: What We’ve Learned From Past Conflict

With a new election around the corner and last election's voting dramas still in our minds, security concerns around digital voting booths are at an all time high. Not only does a democracy require a secure voting system to function at all, but the voting public must be able to feel confident that the election has been handled safely and honestly. Without this trust, our nation’s public institutions could find themselves vulnerable.

Despite concerns about criminal interference, a software-powered ballot box remains the most efficient and accessible form of voting that we have – and one that doesn’t look like it will go away any time soon. So how can we strengthen this system and foster confidence in the voting system? What does a truly secure ballot box look like? And is this something that should be modernized or improved upon for future elections?

Join hosts Dan Lohrmann and Earl Duby in this election-themed episode of CISO Insights, to hear them and their expert guests take a sharp look at defending the ballot box.

Defending the Ballot Box: What It Takes to Digitally Protect an Election

Hosts: Dan Lohrmann, Presidio; Earl Duby, Auxiom
Speakers: Jennifer Tisdale, Grimm; Moe Yassine, Stealth AI Startup

Concern for the environment and a move away from fossil fuels has supercharged the growth of the electric vehicle market. While in many ways this is a sign of progress, the explosion of electric transport has placed new demands on local infrastructure and created new security risks. The digitization of a previously analog process has opened the door to a new kind of cyber crime, which in turn has prompted a new kind of cyber security.

What does it look like to install and secure charging stations across the country? How can electric vehicles be safeguarded against cyber attacks, particularly ones that feature self-driving functionality? What does it mean to secure the future of mobility in this new electric landscape?

In this latest episode of CISO Insights, hosts Dan Lohrmann and Earl Duby will be joined by expert guests to review the security concerns of electric transport – and discuss what it will take to protect it.

Securing Software Defined Vehicles

As local public infrastructures become increasingly digital and "smart", protecting these systems poses a new security challenge. Depending on whether these programs are run by local government or outsourced to corporate entities, there may be varying levels of existing security protocols – and varying amounts of investment available. But the stakes are higher than ever: Once a town or city digitizes its public environment, every resident is now an active participant in this smart landscape.

To address these new and growing security concerns, municipal services and cyber security providers must work together. Defending smart cities will be an evolving process, as new service features are introduced and new threats are detected. For security professionals, this could be an exciting, if high-stakes, challenge for both today and the future. But where should cities begin? And where are the biggest risks?

Join CISO Insights hosts Dan Lohrmann and Earl Duby in this latest webinar, as they take a closer look at what it really takes to defend smart cities with their expert guests.

Defending Smart Cities: How to Protect Local Infrastructure in a Digital World

Every organization is concerned about cyber crime and their security protocol, which can be a source of stress – but also a great source of opportunity for security professionals. The industry is full of new challenges and investment, yet not every company is approaching cyber security in the same way and with the same resources. As a security professional, there is clearly opportunity to thrive, but it’s not always clear where those opportunities lie. How can you know when to stay put and when to move onto the next role?

Cyber security jobs range from service providers and developers, to in-house teams and consultants. The nature of each position will also vary depending on the size of the organization, the amount of investment available and the organization’s approach to security. For professionals, this landscape might be overwhelming – or inspiring.

In this next installment of CISO Insights, hosts Dan Lohrmann and Earl Duby will be joined by cybersecurity experts to look into the cyber job market and assess what your next move should be.

The Cyber Job Market: When to Stay and When to Move

What will come next in our world of cybersecurity as we head into 2024? What will be hot, and what will not?
The best security predictions do much more than just make educated guesses at what might happen in the next year or two. They examine the vendors who study global security incident trends; analyze what’s working and what’s not; consider new cyber solution alternatives, and use science and data to gaze into the future and make forecasts.
Join series hosts Dan Lohrmann and Earl Duby and their guests for the annual security predictions episode. The expert panel will draw from the perspectives of top cybersecurity industry companies, thought leaders, tech executives and journalists to put together the ultimate predictions guide.
Come explore the future – from a cyber perspective.

The Top 24 Security Predictions for 2024

"If there has been a single dominant topic of discussion in 2023, it has to be the rapid rise of generative AI. New developments in the technology have drawn mass attention and it seems like everyone is trying to figure out how best to deploy generative AI in their own organizations. This presents a great opportunity to optimize existing machine learning efforts and automate operations even further – but it also opens the door to dangerous gaps in governance. Without the right protocols, companies can become vulnerable to a host of problems, from data loss and increased attack surface area to copyright issues and misinformation. 

The technology is so new that many organizations won’t yet have clear policies in place around the use of generative AI. And while there are licensed, regulated generative AI tools available, many people are currently using the vast array of free apps that have not been scrutinized from a compliance standpoint. How can teams take advantage of these new opportunities created by generative AI, while maintaining their standards of security and governance? How can teams protect themselves from the risks of shadow IT and create clear governance policies?

Tune into this latest episode of CISO Insights to hear Dan Lohrmann, Earl Duby and guest experts discuss how to govern data and balance the dual threat and opportunity of generative AI.

Threat & Opportunity: Governing Data in the Age of Generative AI

Security audits can feel like necessary evils, especially for overburdened security teams. When done effectively, an audit can identify potential problems before they cause real damage, which saves money, protects privacy and keeps organization’s compliant. It’s not surprising that audits are recommended at least every six-twelve months. Yet they can feel like resource drains, especially when operations are running smoothly. Why devote hours of time and effort to verify what you already know?

The simple truth is that while each organization will benefit differently from a security audit, there is something to be gained by instituting a systematic review of company information systems. Each business will need to determine the frequency and criteria that work best for them, in order to maximize impact without compromising on speed or efficiency. Figuring out this balance will be the critical challenge, but one with substantial payoff.

In this episode of CISO insights, series hosts Dan Lohrmann and Earl Duby will be joined by industry experts to break down the good, the bad and the need to know about security audits.

Audits & Auditors: The Good, The Bad & The Need to Know

Join CISO Insights hosts Dan Lohrmann and Earl Duby on stage as they summarize the 10th annual Cyber-Physical Systems Security Summit (CPS3), which was held May 13-14, 2025.

Cybersecurity threats have been growing year on year, with 2022 seeing ransomware attacks increase by 87% against industrial organizations, according to a Dragos report. These breaches can come at a high cost if successful; ransomware extortion totalled $456.8 million in 2022, after a high of $765.6 million in 2021. But is cyber insurance the answer?

Unlike other forms of insurance, cyber insurance language is not standardized and this can lead to significant variations in policy coverage. Certain offenses, like cyber warfare, are often excluded from coverage, while individual insurers may disagree on what constitutes an approved “loss event.” Yet is it worse to be left without any protection at all?

In the latest installment of the BrightTALK Original series CISO Insights, industry experts will look at how to navigate the question of cyber insurance in 2023.

Tune in to hear more about:
— The real stakes of cyber security right now
— What comprises a robust cyber insurance policy 
— How the market has changed in 2023
— And much more

Episode speakers:
Dan Lohrmann, Presidio
Earl Duby, XFactor.io
Maria Thompson, AWS
Bridget Kravchenko, HNI Corp.

Risk & Reward: Navigating Cyber Insurance in 2023

There are few worse places to be in cybersecurity than reacting to a successful cyberattack. When a threat actor is in the network, they hold all the cards. With ransomware, phishing, and other attacks on the rise, an organization without a proactive plan is playing with fire. 

As we move into an ever more connected and online world, it is tantamount that CISOs and their teams craft and implement a strategic security plan. Cybersecurity teams that are prepared can save their organizations millions of dollars, and prevent hours, or even days, of downtime. 

Join us in this episode of CISO Insights as we explore how cybersecurity experts can build out a strategic security plan that works for their teams and their companies. 

Topics for Discussion Include:
- The evolution of threats CISOs face
- Why a strategic security plan is more important than ever
- How teams can use proven strategies to build a plan that fits their unique requirements
-And more

Staying on the Front Foot with Strategic Security Planning

As hybrid workplaces thrived in 2022, the security landscape has had to constantly evolve to accommodate a growing number of devices and workplaces. The expansion of endpoints and networks this entails will continue to challenge CISOs, but that’s not the only threat CISOs are expected to face in the new year. The Internet of Things grows day by day, and the estimated 43 billion devices that Gartner predicts will be connected to the internet need to be secured.  

Join us in our third annual forecasting webinar as we take a deep dive into 2023 security trends and discuss:

— Dan Lohrmann’s 2023 security predictions - visit the attachment section for the full article! 
— How the ‘New Normal’ of work and IOT are affecting the security posture of organizations
— The expansion of AI and its ramifications for CISOs and IT Departments 
— And more

Top Workspace Security Predictions for 2023

According to The Life and Times of Cybersecurity Professionals 2021 report by the Information Security Systems Association, the ongoing cybersecurity skills crisis has steadily continued for over five years. Organizations are consistently on the prowl for talented cybersecurity professionals to combat increasingly prevalent and sophisticated cyber attacks. However, is hiring the “best fit” the only option organizations have to address the ongoing cybersecurity skills shortage? 

After working alongside the constant cybersecurity skills shortage, CISOs understand that only looking to hire talent won’t cure the longstanding problem. So how are security executives addressing the growing need for cybersecurity skills? Join Hosts Dan and Earl with guests as they take a deeper look into the cybersecurity skills shortage and:

- Innovative new strategies organizations are utilizing to tackle the cybersecurity skill shortage from integrated security architectures to partnerships with third party services or vendors
- Investing in IT and security staff through cybersecurity training
- Embracing automation and analytics to streamline security processes

The Cybersecurity Skills Shortage: Why, How, and What To Do About It

Just as it takes a village to raise a child, it takes every employee to keep an organization safe. Whilst security teams draft up cloud security solutions and invest in threat detection technology, this won’t prevent employees from being coaxed into buying hundreds of dollars worth of gift cards that their boss requested from a supposed personal email. 

With Verizon's 2021 Data Breach Investigations Report finding that 96% of phishing attacks arrive by emails, employees need to be aware of basic cybersecurity best practices in daily life to help promote an active cybersecurity culture within the organization. Creating a cybersecurity culture in the workplace is an ongoing goal that improves not only the organization’s security posture but also employee communication and teamwork. 

Along with discussing how cybersecurity teams can collaborate with employees through user awareness training to establish and promote cybersecurity policies and guidelines, this episode of CISO Insights will cover:
- What it means to create a culture of cybersecurity in the workplace
- Best practices to keep in mind when creating and managing cybersecurity culture in the workplace
- Incorporating user awareness training and cyber hygiene in daily workday whilst overcoming employee reluctance against mandatory security training

Establishing Cybersecurity Culture in Today's Workplace

In 2021, businesses spent on average $1.85 million recovering from ransomware attacks, according to Sophos “State of Ransomware 2021”. Ransomware damages are costly, and now increasing attacks are forcing security leaders to re-evaluate their backup and recovery processes. However, there’s an even bigger disrupter to disaster recovery processes: cloud technology, which is changing the way data is protected and how people need to prepare for recovery.

Cloud-based business continuity and disaster recovery have long been hailed as a cost effective, accessible, and safe option for organisations looking to achieve operational resiliency. With increasing cyber attacks, supply chain difficulties, and natural disasters, organizations need to take a deeper look into how Cloud can impact their backup management and disaster recovery plan. 

In this episode, we’ll be looking at how organizations can effectively protect themselves in the age of Cloud. 

Join us to learn:
- How Cloud technology has evolved and impacted security leaders’ disaster recovery and business continuity plans over the past 18 months
- Differences between disaster recovery in cloud computing versus traditional disaster recovery
- Deciding between  on-premise data centers or a migration to cloud and how to incorporate Cloud into your disaster recovery plans 
- And more!

Disaster Recovery and Business Continuity in the Age of Cloud

As organizations are looking for ways to stay on top of an evolving threatscape, many are
looking towards AI to enhance their security strategies and fend off cyber attacks before they
happen. In the 2022 CIO and Technology Executive Survey by Gartner, 66% of respondents
reported that they expected to increase cyber and information security investments for the
next year. More than half of respondents reported that they planned to heavily invest in
business intelligence and data analytics.

However some security leaders are cautious about adding artificial intelligence into their
security arsenal. Despite rapid advancements in AI, these solutions can also come with their
own unique set of drawbacks. Some skeptics say that AI technology is still immature and
that there may be simpler, more cost-effective solutions. With all the interest surrounding AI
in cybersecurity, it’s important for organisations to establish realistic expectations.

Join this panel to learn more about:
- The current state of AI in security
- What CISOs and their teams should keep in mind about AI
- How AI impacts your workforce strategy
- And more!

Speakers:
- Dan Lohrmann, Field CISO at Presidio
- Earl Duby, CISO at Lear Corporation
- Aidan Walden, Director, Public Cloud Architecture & Engineering at Fortinet
- Warsamé Ahmed, Co-Founder & CEO at BR[AI|YT.ai

Using AI in Cyber Security: Boon or Bust?

Cyber security breaches are becoming increasingly more public and costly affairs, leading organizations to pay a closer look at their current and future security postures. With Gartner predicting worldwide IT spending to grow by 5.3% in 2022, it’s clear that organizations are looking for ways to optimize their resiliency roadmaps with new strategies and investments. As ever, it helps to hear from those who have been there, done that and who can share insights into overcoming cyber breaches. 
 
In this episode of CISO Insights, we’ll be doing just that, as well as delving into Dan Lohrmann’s newest book, ‘Cyber Mayday and the Day After’, and exploring how organizations can handle cybersecurity incidents before, during, and after they happen. 
 
Join us to hear:
- What leaders wish they'd known before a cyber attack and how they prepare for future situations now
- Where leaders see cyber security heading and what challenges lie ahead
- How to communicate and collaborate with vendors and partner to implement your crisis response
- How to maintain public trust in your firm, and the importance of executive-level media responses
- And more

Speakers:
- Dan Lohrmann Field CISO Public Sector at Presidio
- Earl Duby CISO at Lear Corporation 
- Richard Meeus, Director of Security Technology and Strategy EMEA at Akamai
- Sammy Migues, Product Management Sr. Director at Synopsys

How to Prepare, Manage, and Recover from Inevitable Business Disruptions

Security threats are continuing to shape shift and evolve. At the same time, organizations are looking at the latest ways to streamline their operations as remote working begins to change into a hybrid working model. As a result, the CISO’s role is more demanding than ever. With Gartner predicting that nearly a third of workers worldwide will be working in a remote or hybrid setting in 2022, it’s essential that security leaders are fully up to date about the security risks facing new iterations of the workspace.

Join this episode of CISO Insights as we welcome Dan Lohrmann and dive into his security predictions for the year ahead. We’ll be discussing security and tech predictions on the continuation of the hybrid and remote workforce, how businesses can arm themselves against major security incidents, and more. This webinar will dig into Dan Lohrmann’s 2022 prediction report and cover upcoming security industry reports, forecasts, themes, and trends. 

Join us to learn:
- What the dominant security trends are that can help prepare CISOs for the new iteration of the workplace
- What security leaders are in agreement and disagreement about regarding possible threats 
- Must-read reports that can help CISOs get ahead of 2022 risks 
- And more

Speakers:
- Dan Lohrmann, Field CISO, Public Sector at Presidio
- Earl Duby, CISO at Lear Corporation
- Chris Stefan, Global Advisory CISO at Stefan & Associates
- Aleksandr Zhuk, CISO at SFOX

Top Workspace Security Predictions for 2022

Although cloud has become a foundation for many organisations, some still struggle to optimise their cloud security. Gartner predicts that through 2020, 95% of cloud security failures will be the customer's fault. In 2020, companies struggled to accommodate the shift to remote work with fast-tracked digital transformation initiatives, leaving themselves vulnerable to cyber attacks. How can today’s CISO mend the gaps and create a foolproof cloud security strategy?

Today’s CISO needs to adapt to the growth of cloud users, manage cloud access and identity while continuing to monitor for threats, and more. Join this webinar to learn about key cloud security considerations CISOs should keep in mind as they secure their organisation’s transition to the cloud.

Tune in to learn more about:

-Top security strategies and solutions to consider
-Biggest cloud security challenges of 2021 and beyond
-Adopting a risk management framework
-Challenges in managing cloud access and identities
-Regulatory considerations and cloud privacy

Speakers:
- Dan Lohrmann, Field CISO - Public Sector at Presidio 
- Earl Duby, CISO - Lear Corporation
- Chris Hill, RVP Public Cloud & Alliances at Barracuda
- Daniel Cohen, Vice President Cloud Services at Radware

How CISOs are Transitioning with Cloud

SASE, or Secure Access Service Edge, is quickly growing to be the next big thing. 40% of enterprises will consider SASE adoption by 2024, compared with the 1% in 2018, according to Gartner. As more organizations adopt cloud to accommodate remote work, a Zero-Trust approach becomes essential. Workers need quick, reliable, and secure access to their SaaS applications and digital services, and SASE is here to help.
 
As organizations and industry professionals start looking at SASE and what it can do for their business, it's important to get the facts straight. Join this webinar to learn what SASE can do for your network security, and what the future of SASE looks like. 
 
Join security experts as they discuss:

- What SASE is
- Why SASE has exploded in the network security space
- Strategic insights into how best to implement SASE
- Trends driving SASE growth and what they mean for the future

Speakers:
- Dan Lohrmann, CSO at Security Mentor 
- Earl Duby, CISO at Lear Corporation 
- Sinan Eren, VP Zero Trust Access at Barracuda 
- Jack Miller, Head of Global Professional Services at Menlo Security

Is SASE the Future?

According to the 2021 Gartner CIO Survey, 64% of employees are now able to work from home, and two-fifths are working from home. As more companies adopt a permanent hybrid workforce, it’s a constant challenge for CISOs to keep remote workers secure and ensure secure remote access.
 
So what are the main problems faced by CISOs today, and what tools are needed to navigate these risks? Hear from industry leaders on how they’re adapting their security strategies and learn more about how the CISO role has evolved over the last few years.  
 
Join security experts across the industry as they discuss:

-  What are the key security strategies and solutions to focus on
-  Why connected devices are a popular target for attackers
-  Steps for easy cyber hygiene at home and at work
-  CISO recommendations & best practices
- What the next year has in store for security professionals

Speakers:
- Dan Lohrmann, Chief Strategist & CSO at Security Mentor 
- Earl Duby, Vice President and CISO at Lear Corporation
- Endré Jarraux Walls, EVP, Chief Information Security Officer at Customers Bank
- Devin Krugly, Practice Advisor of Vulnerability Risk Management at Rapid7

CISO Security Strategies for a Hybrid Workforce

Every year top security companies, industry thought-leaders, and tech media publications come out with their predictions for the upcoming year, and every year Dan Lohrmann publishes his roundup of these security industry reports, forecasts, themes and trends.

This BrightTalk webinar will dig into the 2021 prediction report in detail.

In addition to counting down (and referencing) the top 21 security prediction reports from the leading vendors, this webinar will examine:
- Where is their agreement on what’s coming next?
- Where is their major disagreement?
- Where will cyberattacks come from next?
- Which vendors have the best reports (and why)?
- Who are the award-winners for most creative, most likely, most scary and other security industry predictions?

We'll discuss security and tech predictions on Covid-19 and working from home as well as major security incidents such as attacks on global events (like the 2021 Olympics), cyber incident response and much, much more.

We will take your questions at the end, and may even ask you to vote for your favorite predictions (or offer one of your own to share.) Join us now!

CISO Insights - The Top 21 Security Predictions for 2021

The 2020 elections in the U.S. have been historic in numerous ways. With more email-in voting than ever before and very close results for the U.S. President and Congressional races, there is plenty to discuss about security. 

Was there voter fraud? Were the people, process and technology changes sufficient in states? How can we rebuild trust in elections? What is the future of voting in America?

Join us for this interactive discussion with audience Q/A.

This panel is part of the CISO Insights original series on BrightTALK with hosts Dan Lohrmann & Earl Duby. We encourage audience questions and participation.

Cybersecurity and Elections – Past, Present, and Future

By popular demand, the CISO Insights series is back in October for National Cyber Security Awareness Month with a new episode on securing connected devices.

Join this interactive Q&A discussion with CISOs to learn more about:
- Why connected devices are a popular target for attackers
- Steps for easy cyber hygiene at home and at work
- Building a security culture together 
- CISO recommendations & best practices

Speakers:
- Dan Lohrmann, CSO & Chief Strategist, Security Mentor, Inc.
- Earl Duby, CISO, Lear Corporation
- Keith Hollender, former CISO; Partner, Global Cybersecurity Practice Lead at MorganFranklin Consulting
- Adam Ford, CISO of Illinois

This panel is part of National Cyber Security Awareness Month (NCSAM) 2020.

We welcome and encourage audience participation and questions.

CISO Insights: How to Practice Cyber Hygiene & #BeCyberSmart

By popular demand, this CISO Insights webinar is a follow-up to the immensely successful sessions held in March and May. The webcasts (links in Attachments): "Coronavirus Actions and Risks for Tech and Security Leaders" & "Back to the Office – Or Not? Next Steps in Pandemic Technology Response" were viewed thousands of times, and numerous attendees asked for this update.

Join this roundtable discussion to learn more about:
- Back to the office timing, decisions, strategies and tactics on the ground
- Quick Sector updates for government, manufacturing and healthcare
- Unemployment fraud
- Noticeable spike in phishing in June (related to civil unrest/Anonymous?)
- Team chemistry through the lockdown (how has onboarding been)
- Revenue loss impact on teams (downsizing? How has off-boarding been accomplished?)
- Overall CISO mental health through the quarantine and civil unrest

Speakers:
- Dan Lohrmann, CSO & Chief Strategist, Security Mentor, Inc.
- Earl Duby, CISO, Lear Corporation
- Vinod Brahmapuram, CISO, State of Washington
- Scott Larsen, CISO, Large healthcare provider

CISO Pandemic Response: Next Steps

As the United States enters a new phase in Covid-19 response, how are businesses and governments responding? What lessons have been learned, and what next steps are organizations taking? How can technology and cybersecurity mistakes be avoided?

Join this webinar for the latest coronavirus playbook roundup and recommendations on how to address the next phase of the outbreak. Learn the scope of the unprecedented challenges organizations are currently facing. Hear from industry leaders on how they are addressing the COVID-19 security and technology challenges.

By popular demand, this webinar is a follow-up to the immensely successful BrightTALK session held on March 13 at the beginning of this emergency. That webcast (link in Attachments): Coronavirus Actions and Risks for Tech and Security Leaders, was viewed thousands of times, and numerous attendees asked for this update. 

Topics will include: 
- Policy, technology and process steps to take today to protect your workforce and organization. 
- Lessons learned from more staff working from home (telework)? 
- What mistakes can be avoided as staff prepare to go back to offices –and how? 

We will close with a Q/A session with the audience.

Speakers:
- Dan Lohrmann, Chief Security Officer & Chief Strategist at Security Mentor Inc.
- Earl Duby, CISO at Lear Corporation 
- Vinod Brahmapuram, CISO at State of Washington Government
- Scott Larsen, CISO of a large healthcare provider

Back to the Office – Or Not? Next Steps in Pandemic Technology Response

BrightTALK Originals: CISO Insights

Cybersecurity is so often focused on securing enterprise infrastructures from external threats – for good reason. Cyber attacks are always evolving alongside security protocols, so organizations must stay vigilant. Yet when so many resources are devoted to protecting operations from the outside, it is easy to leave yourself at risk of another kind of attack: insider threats. In fact, a 2023 study from Cybersecurity Insiders found that 74% of organizations are at least moderately vulnerable to insider threats.

Insider threats require an entirely different security approach, especially as they bring up an entirely new problem: accidental or unintentional threats. Not all internal damage is done maliciously, with many incidences tied more to human error than criminal intent. The Ponemon’s Institute’s “2022 Cost of Insider Threats Global Report” found that over half of insider threats (56%) came from employee or contractor negligence. Creating an internally secure environment for your organization therefore requires a multi-pronged strategy that can protect against both intentional and unintentional attacks.

In this episode of CISO Insights, series hosts Dan Lohrmann and Earl Duby will be joined by security experts to break down what it takes to tackle insider threats.

From Inside the House: Tackling Intentional & Unintentional Insider Threats

Insider Threat

Cyber Attacks

Cyber Crime

Cyber Incident Response

Cyber Defence

Security

Cyber Security

Secure Access

Enterprise Security

SecOps

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

From Inside the House: Tackling Intentional & Unintentional Insider Threats

Presented by

About this talk

CISO Insights