Name: A CISO's Guide to Mastering Cyber Incident Response: Are Your Vendors Your Weakest Link?
Start: 2025-06-03T18:00:00Z
End: 2025-06-03T18:00:38.000Z
Location: BrightTALK
Rating: 5

A global leader in Supply Chain Detection and Response,  SecurityScorecard empowers swift management and mitigation of critical third-party risks.

Our mission is to make the world a safer place by transforming the way organizations understand, mitigate, and communicate cybersecurity risk to their boards, employees, and vendors. Here, you'll find content filled with experts chatting through the evolving cybersecurity threat landscape, how to monitor (and remediate) your cybersecurity posture (and that of your vendors), potential regulation around cyber risk mitigation, and more!

You can monitor your organization's risk with a free account here: https://securityscorecard.com/free-account-trial/

The risk landscape is changing faster than ever. Cyber incidents now spark operational shutdowns, vendor instability exposes sensitive data, and regional disruptions cascade into financial and reputational loss. Risks that once seemed separate now move together and demand an integrated response.

Join Dr. Aleksandr Yampolskiy, CEO of SecurityScorecard, and Jenna Wells, CEO of Supply Wisdom, for a thought-provoking discussion on how leading organizations are redefining readiness in a world of converging threats.

Discover how continuous, multi-domain intelligence helps teams anticipate disruption, act faster, and build confidence across the enterprise.

Learn how to move beyond cyber awareness toward continuous readiness, where real-time insights drive decisive action, regulatory assurance, and resilience that lasts.

Key Discussion Themes: 
• Why readiness today demands a unified view across cyber, financial, operational, and compliance domains
• How connected intelligence empowers security and risk teams to prioritize what matters most
• How collaboration between Supply Wisdom and SecurityScorecard helps enterprises operationalize continuous monitoring and rapid response

Redefining Readiness in an Era of Converging Risk: Why managing cyber risk means managing every kind of risk

La ciberseguridad es hoy un pilar estratégico para proteger a las organizaciones y garantizar continuidad del negocio. En este webinar en vivo, exploraremos cómo planificar la estrategia de ciberseguridad para 2026, utilizando SecurityScorecard como aliado clave en la medición, gestión y reducción de riesgos.

Planificando La estrategia de Ciberseguridad 2026, usando SecurityScorecard

Over half (52.6%) of Indian vendors experienced a third-party breach in the last year,  a signal that India’s globally embedded vendor ecosystem is both a powerhouse and a prime target.

From IT services to pharmaceuticals, attackers are exploiting trust relationships to move laterally across organizations. 
Learn how smarter oversight and continuous monitoring can help secure one of the world’s most critical supplier landscapes.

Our experts, Vikram Bhatti and Adam Denyer-Hampton will discuss: 

• What makes Indian vendors both high-value and high-risk?
• Why vendor scores in India are so polarized — and what that means for you
• Navigating the paradox of secure-yet-breached IT providers
• Red flags to watch when onboarding pharma, auto, and semiconductor suppliers
• Real-time risk monitoring and how to uncover hidden fourth-party exposures
• Practical advice for building resilience across India-dependent supply chains

A Security Assessment of Key Indian Suppliers: Third-Party Cyber Risks to Global Supply Chains

Is your supply chain a cyber risk blind spot? Vulnerabilities within your vendor ecosystem can severely impact your organization's security and bottom line. If you're grappling with limited visibility, complex supplier networks, and the constant threat of third-party breaches, this webinar is for you.

Join us to discover how a managed Supply Chain Detection and Response (SCDR) service, like SecurityScorecard MAX, transforms your approach to vendor risk. We'll explore:

- How to move from merely identifying risks to actively remediating them and building a stronger defense.
- How proactive, expert-led vendor engagement and continuous monitoring directly translate into significant cost savings and operational efficiencies.
- The differences between traditional third-party risk management and managed supply chain detection and response,
- Best practices and success stories from your peers who have adopted this new approach.

Fortifying Your Supply Chain: The ROI of Managed Supply Chain Detection and Response

The STRIKE Threat Intelligence team at SecurityScorecard has just unveiled a new research report on a sweeping espionage operation weaponizing home routers into a global spying operation.

The report on Operation WrtHug underscores a critical shift in global espionage: State-backed actors are systematically co-opting consumer devices like your home router to build pervasive spy networks.

Join SecurityScorecard's STRIKE Team—Gilad F. Maizles (Security Researcher), Marty Kareem (Signals Collection Engineer), and Ryan Sherstobitoff (Field Chief Threat Intelligence Officer)—alongside Shannon Vavra, award-winning journalist and Senior Content Writer at SecurityScorecard, for a discussion of the findings and implications of this global espionage campaign:

• The Unique Digital Fingerprint: How STRIKE unearthed thousands of compromised ASUS routers worldwide.

• The Geopolitical Web at Play: Why the operation heavily focused on Taiwan and how the attack's methods align with previously observed China-affiliated campaigns.

• The End-of-Life Threat: Key mitigation steps against attacks that exploit End-of-Life (EoL) devices.

Reserve a seat today!

Read the report and visit the blog on the research: https://securityscorecard.com/blog/operation-wrthug-the-global-espionage-campaign-hiding-in-your-home-router

The Silent Spies Hiding in Thousands of Devices: Operation WrtHug

Are you stuck in a reactive cycle of third-party risk management? Today's threat landscape demands organizations move beyond limited visibility of their supply chain ecosystem and basic due diligence. 

Join us for this session as we demystify the supply chain cybersecurity maturity curve and outline the concrete steps required to turn fragmented defense into a coordinated, long-term capability to identify, prioritize, and take action on cyber risks. We will break down the entire journey from basic due diligence to the most mature stage: supply chain incident response.

In this webinar, you will learn how to:

- Benchmark Your Maturity: Understand the four stages of supply chain cybersecurity maturity and pinpoint the constraints that are holding your program back.
- Implement the SCDR Framework: Discover the approach of Supply Chain Detection and Response (SCDR) and how it shifts your focus from passive measurement to active, coordinated action.
- Leverage Key Accelerators: Learn how you can overcome roadblocks and dramatically accelerate your progress up the curve.
- Achieve Quantifiable Results: Discover how to transform your TPRM team into supply chain incident responders.

From Checkbox Compliance to Active Defense: Mastering the Supply Chain Cybersecurity Maturity Curve

What if you could harness the power of AI to transform your third-party risk management program?

In today's complex supply chain risk environment, managing cyber risk is no longer just about receiving a single security rating and traditional vendor assessments. Manual processes leave security teams spending countless hours gathering data and chasing down responses. This time-consuming, reactive approach leaves you vulnerable and unable to focus on the most critical threats. You need a smarter, more efficient way that provides deeper, proactive insights, such as industry benchmarking for vendors and automating workflows to prioritize the highest-risk issues.

Join us to learn how SecurityScorecard is leveraging AI to help you:

-- Automate Your Workflows: Automatically trigger questionnaires and streamline the entire assessment process.
-- Leverage Intelligent Automation: Analyze vendor documents and auto-fill questionnaire responses, saving you time and ensuring accuracy.
-- Prioritize with Precision: Analyze your portfolio to identify the most critical risks and prioritize your remediation efforts.
-- Operationalize with Ease: Discover how to integrate AI-driven insights into your existing systems for a truly seamless and efficient program.
-- Turn Data into Action: Get a clear, quantifiable view of your risk posture, enabling you to make smarter, data-driven decisions.

Luke, Anne, and Kelsey will discuss our AI vision, how we use AI responsibly and securely, our current AI offerings, and the future of AI at SecurityScorecard. 

Please come with questions! We want to make this webinar interactive and relevant to you.

AI-Powered Third-Party Risk Management: Go Beyond the Score

Únete a nuestro webinar en vivo y descubre cómo automatizar la gestión de riesgos de terceros para fortalecer la postura de ciberseguridad de tu cadena de suministro.
Mostraremos cómo las organizaciones pueden anticiparse a las amenazas con un enfoque más eficiente, continuo y proactivo.

Automatizando la gestión de Riesgos de Terceros

We've entered a new era of cyber risk, where attackers have shifted from targeting organizations directly to exploiting the weakest links in their supply chains. This is a critical concern for CISOs, as a single breach can have catastrophic global consequences.

As regulatory bodies intensify their focus on supply chain cybersecurity, many organizations find themselves unprepared to effectively manage their supply chain risk programs. Enter Supply Chain Detection and Response (SCDR). Join us to discover how you can enhance your organization’s security posture and protect against sophisticated threats

Becoming Supply Chain Resilient: Lessons from Recent Cyber Outages
--> Supply chain disruptions can be catastrophic, highlighting the need to know your supply chain (KYSC) for cyber resilience. Security teams must map dependencies, identify critical vendors, and gain visibility into their extended ecosystem. 

Transforming Supply Chain Security into Proactive Detection and Incident Response
--> Explore the latest tactics, techniques, and procedures cybercriminals use to target supply chains and how a managed service can streamline security processes and reduce operational costs.

From Reactive to Resilient: A New Mindset for Supply Chain Cybersecurity

We've entered a new era of cyber risk, where attackers have shifted from targeting organizations directly to exploiting the weakest links in their supply chains. This is a critical concern for CISOs, as a single breach can have catastrophic global consequences.

As regulatory bodies intensify their focus on supply chain cybersecurity, many organizations find themselves unprepared to effectively manage their supply chain risk programs. Enter Supply Chain Detection and Response (SCDR). Join us to discover how you can enhance your organization’s security posture and protect against sophisticated threats.

--> Becoming Supply Chain Resilient: Lessons from Recent Cyber Outages
--> Supply chain disruptions can be catastrophic, highlighting the need to know your supply chain (KYSC) for cyber resilience. Security teams must map dependencies, identify critical vendors, and gain visibility into their extended ecosystem. 
--> Transforming Supply Chain Security into Proactive Detection and Incident Response
--> Explore the latest tactics, techniques, and procedures cybercriminals use to target supply chains and how a managed service can streamline security processes and reduce operational costs.

As boards face AI risk, digital transformation, and evolving regulation, technical expertise has become essential. But when it comes to board seats, CISOs or CTOs are often underrepresented.

Why Every CEO Needs a CISO or CIO on the Board and How to Get a Board Seat if You Are One

Adversarial AI is geometrically making cyber a symmetric threat, fundamentally altering the cybersecurity equation. However, there are leaders who have successfully navigated these emerging challenges and understand the implications. Join Dr. Aleksandr Yampolskiy (CEO & Co-Founder, SecurityScorecard) and Dr. Srinivas Mukkamala (CEO, Securin Inc.) as they dive into:

- Adversarial AI geometrically making cyber a symmetric threat - How AI is eliminating traditional defender advantages and creating equal-footing warfare
- AI in general, what it means for a new attack surface - The expansion beyond traditional vectors into AI-specific vulnerabilities and exploitation methods
- Are we prepared and ready for AI attacks - Current organizational readiness, gaps in defense capabilities, and what immediate action is required

Save your seat today!

Adversarial AI: The New Symmetric Threat Landscape

China-linked threat actors, nation-state threats, and criminals are strategically targeting critical infrastructure and telecommunications in the United States. These operations have compromised presidential campaign communications and telecommunications firms.

Telecom infrastructure’s legacy technology, sprawling networks, and sensitive information make it a high-value, hard-to-defend target for resourced hackers. This webinar will convene SecurityScorecard experts to discuss geopolitical stakes, operational challenges, and defense strategies needed to counter these threats.

- Why telecom is a priority target for China-linked actors and what Salt Typhoon reveals about systemic vulnerabilities
- How public-private coordination can improve detection, response, and resilience across the telecom ecosystem
- Practical steps to strengthen visibility, harden defenses, and secure the telecom supply chain through continuous monitoring

Register today!

Defending Telecommunications and Critical Infrastructure Against China-Linked Threat Actors and Emerging Risks

Your business relies on a complex network of suppliers. This creates opportunities for attackers. New research shows that over 70% of organizations experienced a material third-party cyber incident in the past year. Your current risk management strategy may not be enough to protect you.

This webinar explores the critical findings from our 2025 Supply Chain Cybersecurity Trends report. We surveyed nearly 550 global security leaders to understand the gap between perceived security and actual resilience.

Join us to learn:

- Why visibility is a critical failure point. Fewer than half of organizations monitor the cybersecurity of even 50% of their nth-party supply chains. Most companies are blind to their most significant risks.
- How leaders assess the impact of an attack. Breaches create a chain reaction of consequences. These include financial recovery costs, production downtime, and service delivery disruption.
- Why confidence may be an illusion. 88% of executives express concern about supply chain risks. Fewer than half are "very confident" they could maintain operations after a critical vendor incident.
- How to move from passive monitoring to active response. Many security programs rely on vendor questionnaires and cyber insurance. See why leading teams are integrating rapid incident response to build true operational resilience.

Beyond Prevention: Why Your Supply Chain Requires Real-Time Incident Response

“The Israel-Iran conflict underscores a critical shift in modern warfare: Cyber-operations are no longer secondary but fundamental to geopolitical disputes.”

Join Ryan Sherstobitoff (Field Chief Threat Intelligence Officer), Gilad Maizles (Security Researcher), and Shannon Vavra (Intelligence Content Strategist) for this webinar, where they’ll take a deeper dive into the:

-- 250K+ messages analyzed and the role of Telegram
-- Rise of hybrid threat actors and more complicated attribution
-- Future of cyber warfare in conjunction with kinetic conflict

Save your seat today!

From the Depths of the Shadows: IRGC & Hacker Collectives of the 12-Day War

“It is also a common trap of giving inexperienced customers a false sense of security…” 
~Navigating Supply Chain Cyber Risk

TPRM processes today are filled with thousands of pages of questionnaires, assessments, and more, but does that status quo really help secure your vendor ecosystem?

Join Aleksandr Yampolskiy (CEO & Co-Founder, SecurityScorecard) and Alex Golbin (Co-Author, Navigating Supply Chain Cyber Risk) as they chat about:
-- The journey to becoming a TPRM expert and how the space has evolved 
-- Best practices for organizations to better manage their vendor ecosystem risk
-- How the AI agent economy is set to impact the future of TPRM

Save your seat today!

The Author’s Take: The Past, Present, & Future of Third Party (Cyber) Risk Management

Attackers are leveraging AI to enhance the speed, scale, and sophistication of their cyberattacks, posing a significant challenge to traditional defense mechanisms. Amidst a staggering increase of 300% annually in AI-driven attacks, the critical factor lies in their speed, highlighting the urgency for security measures to operate in near real-time to mitigate threats effectively. 

The traditional way of doing security is ill-equipped for real-time defense. We also believe that AI can potentially empower defenders far more than attackers. However, the effectiveness of AI in cybersecurity greatly depends on integrating data and automation within a unified platform.  This session will explore the value of a unified AI, data, and automation platform in enhancing cybersecurity defenses, improving incident response capabilities, and enabling proactive threat hunting. 

Join us to delve into the key strategies for leveraging AI in cybersecurity and learn how a cohesive platform can empower CISOs to stay ahead of emerging threats in the age of AI.

Security Operations in the Age of AI

In today’s threat landscape, a cyber attack is no longer a question of if—but when. The real test is how quickly and confidently an organization can bounce back. Unfortunately, traditional tools often leave teams scrambling with delayed insights, noisy alerts, and outdated assumptions—especially when AI workloads and modern cloud environments are in play.
 
During this fireside chat, you’ll witness an expert deep dive into what happens after a security breach—and how to turn a moment of crisis into a catalyst for security maturity. By watching, you’ll learn how to:
 
• Detect, contain, and mitigate threats in real time
• Prevent AI-specific risks
• Build lasting resilience through continuous visibility and intelligent automation
• And more
 
Tune in now to equip your organization with the strategies needed to bounce back stronger than ever in 2025 and beyond.

Best Practices for Bouncing Back Stronger after a Cyber Attack

The growth of open-source AI in the enterprise has been nothing short of phenomenal. Enterprise Strategy Group (ESG) research found that 99% of organizations are actively using, exploring or experimenting with AI in their environments.

As organizations accelerate their AI initiatives, the adoption of open-source tools has become essential. But there isn’t a commonly known playbook for how to leverage open-source AI, and rapid changes in AI models, tools, and frameworks means there is currently a steep learning curve. 

In this exclusive webinar, open-source visionary and co-founder of Anaconda, Peter Wang, shares insights about the growth and challenges of the open-source AI phenomena with Mark Beccue, ESG Principal Analyst. Tune in as the pair unpack:
• How open-source tools provide unparalleled flexibility, cost-effectiveness and access to cutting-edge tech
• Best practices for operationalizing AI with open-source tools
• How to overcome the AI readiness gap 
• Where & how Anaconda assists customers in their AI journeys

Understanding the State of Enterprise Open-Source AI & Adoption Challenges

Every minute of business disruption costs organizations millions – and cyber attackers know it. As threat actors weaponize AI and exploit zero-day vulnerabilities with unprecedented speed, the difference between survival and failure often comes down to how quickly you can recover from an attack.

Modern cyber resilience demands a paradigm shift – moving beyond traditional security measures to create business-aligned defense strategies. By identifying and protecting mission-critical assets through the Minimum Viable Company (MVC) framework, security leaders can ensure business continuity even in the face of sophisticated attacks while optimizing resource allocation and demonstrating clear ROI to the board.

Join Roselle Safran, CEO & Founder of KeyCaliber, as she shares battle-tested strategies for building and implementing a cyber resilience program that directly supports business objectives and ensures operational continuity.

Key Takeaways:

- Learn how to identify and define your organization's Minimum Viable Company (MVC) components to prioritize protection of business-critical assets
- Discover methodologies for aligning cyber resilience strategies with business objectives and risk appetite
- Master techniques for testing resilience capabilities against real-world scenarios without disrupting operations
- Gain practical insights into implementing and measuring the effectiveness of your cyber resilience program through business-focused metrics

Business-Centric Cyber Resilience: Protect What Matters Most

In today’s threat landscape, a cyber attack is no longer a question of if—but when. The real test is how quickly and confidently an organization can bounce back. Traditional tools often leave teams scrambling with delayed insights, noisy alerts, and outdated assumptions—especially when AI workloads and modern cloud environments are in play.

Join CSO & Board Member Rinki Sethi and Upwind CPO Joshua Burgin for a deep dive into what happens after the breach—and how to turn a moment of crisis into a catalyst for security maturity. We’ll explore the critical capabilities security teams need to contain threats, prioritize risk, and rebuild trust—with speed and precision.

You’ll learn how to:
• Use live runtime signals to reconstruct what happened—across cloud and GenAI workloads
• Cut through the noise and focus
• Detect, contain, and mitigate threats in real time, not post-mortem
• Prevent AI-specific risks
• Align security and engineering for a faster, more coordinated response
• Build lasting resilience through continuous visibility and intelligent automation

Whether you’re responding to your first major breach or refining your playbook, this session will equip you with the strategies—and tech stack—to bounce back stronger than ever in 2025 and beyond.

Respond Smarter, Recover Faster, and Build Resilience with Runtime and GenAI-Aware Security

The emergence of quantum computing presents a unique challenge to the cybersecurity landscape. This transformative technology poses significant risks to current encryption methods, particularly for asymmetric cryptography systems like RSA and Diffie-Hellman, which secure most network communications today.
Organizations face a critical challenge: their existing cryptographic infrastructure may soon become obsolete against quantum computing capabilities. 
 
This presentation offers vital strategies for preparing for this transition, similar in scope to the Y2K challenge. The solutions presented are particularly valuable because they follow NIST guidelines rather than vendor-specific approaches, providing a standardized framework for organizations to assess their risk exposure and implement quantum-resistant algorithms systematically.
 
Join John Bruggeman (Virtual CISO, CBTS) to get a roadmap to transition from current encryption methods to quantum-resistant alternatives, ensuring long-term data security.

Key takeaways:
- Quantum Risk Assessment: Learn how quantum computing threatens current encryption algorithms and data privacy
- Strategic Implementation: Discover the essential steps for identifying at-risk data, conducting thorough data inventories, and documenting current cryptography usage across your organization's systems and tools.
- Industry Impact Assessment: Understand how to quantify and document quantum computing risks specific to your industry
- Transition Planning: Master the approach to implementing NIST-guided quantum-resistant solutions through a systematic, long-term project framework

Post Quantum Cryptography: Securing the Future

From data breaches to ransomware attacks, the cost of cybercrime is skyrocketing, demanding a new approach to security. Playing defense is no longer enough. Organizations need to anticipate threats and build resilience into their systems.  

CISOs and security leaders face immense pressure to stay ahead of the curve and build resilient organizations capable of withstanding and recovering quickly from security breaches. A product-led approach offers a proactive, data-driven solution for incident response, transforming security events into opportunities for continuous improvement. 

In this session, Oksana Denesiuk, product lead for billing and payments at Kaiser Permanente and ISSA Advisory Board Member, explores how cybersecurity teams can adopt a product mindset to enhance incident response, leveraging agile methodologies, iterative learning, and customer-centric thinking. 

Key Takeaways
- Embrace a product-centric approach to incident response, treating security incidents as valuable data points for continuous improvement.
- Integrate automated threat detection, secure coding practices, and incident learnings into the product roadmap.
- Use post-incident analytics, telemetry, and threat intelligence to refine security controls, enhance detection capabilities, and reduce the attack surface.
- Implement AI-driven detection, automated remediation workflows, and security orchestration (SOAR) to improve MTTR and MTTD.

Turning Incidents into Insights: A Product-Led Approach to Incident Response

Are you updating or reassessing your email security system to stay ahead in the ever-evolving threat landscape?

To help you make informed decisions to protect your organisation, our cybersecurity experts discuss:

• The findings of the 2024 Gartner® Magic Quadrant™ for Email Security Platforms report
• The current email threat landscape, the rise of AI and other emerging trends for 2025
• How to evaluate the strengths and weaknesses of your email security solutions
• Best practice strategies to mitigate email threats and protect your organisation’s sensitive data

Email Security in 2025: analyst insights, the rise of AI and strategic defences

The way employees communicate and collaborate is constantly evolving, and so too are the security threats they face. The rise of generative AI adds a new layer of complexity, requiring CISOs to proactively address the risks of data loss and potential harm to the organization.

Traditional security approaches often fall short in addressing the unique challenges posed by modern collaboration tools and the integration of GenAI. Understanding and mitigating these risks is critical for maintaining data privacy, preventing leakage, and ensuring compliance. We'll share Metrigy's latest research data to reveal actionable strategies for a comprehensive, business-aligned security strategy.

Join Irwin Lazar (President and Principal Analyst at Metrigy)  to discover the key components of a modern security approach, including how to:

- Establish alignment between IT, collaboration, and security teams to address evolving threats.
- Identify emerging threats stemming from new applications and out-of-band communications.
- Understand how generative AI creates new risks for data privacy, leakage, and effective data management.
- Develop a comprehensive security strategy tailored for collaborative environments and the GenAI landscape.
- Evaluate the benefits of third-party platforms optimized for collaboration and GenAI security to enhance your security posture.

Secure Collaboration in the Age of GenAI: A CISO's Guide to Risk Mitigation

Join us for an engaging fireside chat as we explore the evolving cyber threat landscape targeting the financial sector. We'll discuss key insights into the rise in DDoS attacks, AI-driven bot traffic, and sophisticated phishing campaigns.

Learn how attackers are leveraging AI to bypass defenses and execute deepfake phishing, and understand the impact of prolonged DDoS-as-a-Service and hacktivist campaigns. We'll also dive into the credential stuffing economy, revealing the vulnerabilities exploited by attackers.

Discover actionable defenses to stay ahead, such as integrating AI into SOC operations, enhancing authentication and API security, and adopting proactive threat intelligence. This session will emphasize the importance of AI-driven, intelligence-led security approaches to protect your financial institution in an increasingly complex digital landscape.

Don't miss this opportunity to stay informed and prepared for the next wave of cyber threats.

Other topics to be discussed include:

1. 2025 Cyber Threat Snapshot: Key Trends Shaping Financial Security
2. Key Takeaways from FS-ISAC 2024
3. Deep Dive: Credential Stuffing Economy & Emerging Attack Vectors
4. Actionable Defenses: How FSIs Can Stay Ahead

Securing Financial Institutions: Navigating the Next Wave of Cyber Threats

In the ever-evolving landscape of DevOps, the paradigm is now shifting - where security is taking the central stage. With vast surface areas including containers, cloud, repositories and third-party components, cyber threats became more prominent than ever before in DevOps.

This presentation will delve into the evolution from traditional DevOps to the advanced usage of artificial intelligence (AI) technologies to automate and optimize the software development and delivery processes. This includes automating code scanning, testing and deployment processes while eliminating the threats in each possible way in the cycle.

In this session, join Jyotirmayee Pradeep Kumar (Vice President - Cloud DevOps at a well-known global bank) as she unravels the stages of integration of AI at each phase of DevOps. Topics for discussion include:
- Types of AI used in DevOps.
- Benefits of using AI in DevOps.
- Implementation of AI in DevOps.
- Best practices for using AI in DevOps.
- Eliminating security threats using AI in DevOps.

Security Risks to Consider with AI Integration: AI in DevOps

Traditional penetration tests often miss the mark, failing to replicate the real-world tactics of today's sophisticated threat actors. In this session, Alex Holden, CISO of Hold Security, cuts through the noise and reveals how to transform your pen testing program with actionable threat intelligence.

You'll discover the latest attack trends and learn practical methods to simulate realistic cyber threats against your own defenses. From vulnerability exploitation to ransomware and social engineering, this session provides a hands-on guide to assessing your security readiness against the attacks that matter most right now. Leave with a clear roadmap to build a more resilient and threat-informed security posture.

Key Takeaways

- Understand the limitations of traditional pen testing and why threat intelligence is crucial
- Learn practical techniques for incorporating real-world attack simulations into your security assessments
- Gain a framework for building a more resilient and proactive security posture based on actionable threat intelligence

Smarter Pen Testing with Threat Intel

It takes valuable time to sift through the ever-increasing number of cyber threats and stop those likely to result in a breach. The faster your team can resolve that unending flow of incidents, the better.

Expert security teams are just one part of the solution. Add the latest AI tools to consolidate and simplify your existing security operations technologies, accelerating time to resolve critical incidents. Finally, prove to your stakeholders that everything is perfectly handled. See how Lumen Technologies is achieving this in this valuable session.

Sign up for our webinar, Empower the CISO’s organization with ServiceNow AI and automation, to supercharge your existing security operations. Lumen Technologies’ Geoff Krahn and ServiceNow’s Julian Azaret will explain how to:

- Apply intelligent workflows and generative AI
- Inspire confidence in your board, company, and customers
- Slash incident resolution time by up to 72%
- Take this simple step to ensure that your security team can be ready for future threats.

Empower the CISO's organization with ServiceNow AI and automation

The transformative potential of AI demands robust security and Google Cloud is uniquely positioned to help organizations accelerate their AI journey by providing capabilities to holistically manage risk across the AI lifecycle. Join this session to learn about how you can securely navigate the evolving AI landscape with new AI Protection capabilities, including Model Armor, our LLM guardrails solution, which allows organizations to apply security and safety controls to gen AI applications.

Managing AI Risk with Confidence

To succeed as a CISO in 2025, you first need guts and luck. This year is poised to bring huge disruption. Unless you have been involved in the design, delivery, direction and drivers for an organization’s technology infrastructure, are supported by effective management processes and procedures, and have a large budget and resources, you will need to re-evaluate your strategy.

This webinar will challenge your understanding of good practices and focus on “known, knowns”, identifying the challenges that can arise for the "SHOCKS, HORRORS and EXCUSES" that accompany significant disruptions. It was also explore a need to learn lessons from the past to prepare for the future.

Together we will consider challenges arising for CISOs, by answering:
1) What key areas should CISOs focus on during 2025?
2) Why should CISOs establish an operational resilience strategy? 
3) How would scenarios versus resources assist CISOs in their strategic delivery? 

Tune into this session presented by operational resilience expert Steve Yates, as he explores the challenges faced by CISOs, and why their function is so critical to the survival of organizations and society, especially as nation state actors and other hacker groups seeks to attack our company and personal data.

Viewers will come away from this session with the ability to:
- Form an understanding of an operational risk approach.
- Consider the challenges that exist in adopting a “siloed” approach. 
- Know the need of exercising your organization for a critical scenario.

What are the Top CISO Priorities for 2025?

A powerful alliance is formed when CISOs and boards unite, paving the way for enhanced digital resilience. However, differences in how to prioritize and measure the impact of cybersecurity can create misalignment. Join to explore the top 5 gaps between CISOs and the board.

Bridge the Gap – CISO and the Board

CISO Summit

With 98% of organizations experiencing vendor breaches, preparedness is critical. This webinar equips CISOs and security leaders with strategies to effectively manage third-party cyber incidents. Learn how to leverage a robust playbook to move from reactive scrambling to proactive resilience.

Attend to learn how to:

- Stop Scrambling: Implement rapid response frameworks.
- Communicate Clearly: Develop winning crisis communication plans.
- Become Proactive: Discover preventative best practices.
- Ask the Right Questions: Vet vendor cybersecurity effectively.
- Learn from the Pros: Gain insights from real-world scenarios.

Don't let vendors be your vulnerability. Join us to streamline response, communicate effectively, and build a stronger digital ecosystem against escalating third-party threats.

A CISO's Guide to Mastering Cyber Incident Response: Are Your Vendors Your Weakest Link?

Incident Response

Third-Party Risk Management

Cyber Security

Security Breach

Vendor Breach

Cyber Resilience

CISO

TPRM

Are you an IT service management professional interested in developing your knowledge and improving your job performance? Join the IT service management community to access the latest updates from industry experts. Learn and share insights related to IT service management (ITSM) including topics such as the service desk, service catalog, problem and incident management, ITIL v4 and more. Engage with industry experts on current best practices and participate in active discussions that address the needs and challenges of the ITSM community.

IT Service Management

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

A CISO's Guide to Mastering Cyber Incident Response: Are Your Vendors Your Weakest Link?

Presented by

About this talk

SecurityScorecard