Cybersecurity leaders have been brought to the forefront of their organizations in the wake of ongoing disruption, which is why we were excited to host our Transformational CISO & CISO Healthcare Virtual Assembly this week. It was an engaging two days filled with interactive workshops and keynotes, C-Suite networking, and peer-to-peer problem solving on the most pertinent topics within cybersecurity today.
In case you missed it…
What We Learned From Our Keynote Speakers
Sujeet Bambawale, CISO at 7-Eleven, opened the two-day event with an engaging keynote on what’s ahead in cybersecurity. Threat intelligence is on the rise, and it is paving the way for attack simulations that let security teams test the efficacy of their controls in real time against the latest threats, in order to meet rising expectations. Sujeet also touched on a subject that proved to be a theme throughout the rest of the Assembly: rapidly changing talent pipelines and the importance of diversity of experience and background within cybersecurity teams.
Our day-two Opening Keynote Panel was led by Diana Burley, Vice Provost for Research at American University, and featured panelists Ann Hines, Business Information Security Officer, Principal, USAA; Shefali Mookencherry, CISO, Edward-Elmhurst Healthcare; Brian Mork, CISO, Westinghouse Electric Company; and Devin Shirley, CISO, Arkansas Blue Cross Blue Shield. The panel focused on rethinking data governance frameworks in the midst of constant disruption. Shared insights included the need for more stringent asset management, building trust with vendors while maintaining control over their subcontractors, and adequately training staff on security in a remote setting. Our panelists also noted that remote work is not new, but the scale at which it is currently implemented is, which means that security must be part of the overall workplace culture.
Chris Leach from Cisco led an interactive discussion on what it means to be a CISO for change. The CISO is responsible for managing security, but security is a team effort. That’s why CISOs need to act as thought leaders and involve other leaders within the organization in order to lead valuable change. CISOs are often viewed as the “no” people, but with the right collaboration, they can be the force behind change.
Engaging C-Suite Discussions
Tim Rohrbaugh, Chief Information Security Officer at JetBlue Airways Corporation, discussed the Kaizen approach to security program improvement. This approach focuses on incremental, measurable changes that raise threat actors’ cost, reduce their value proposition, or address their motivations. Incremental change avoids the fear that accompanies large, long-term change, and Threat-Informed Defense speeds up response to quickly changing threats. The concept’s ultimate goal is to improve visibility in order to eventually automate response.
Next up, Jim Rutt, Chief Information Officer and Chief Information Security Officer at the Dana Foundation, led a discussion on a risk management approach to allocating budget. He notes that while risk cannot be completely eliminated, it can be reduced to an acceptable level with proper qualitative and quantitative analysis. Risk mitigation can feel like a daunting task, but basic risk formulas can give you a better understanding of your situation.
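The talk did not publish its formulas, so the following is an added example rather than Jim Rutt’s own method: it applies the standard quantitative risk formulas, annualized loss expectancy (ALE = SLE × ARO) and return on security investment (ROSI = (ALE reduction − control cost) / control cost), to rank candidate controls and fund them within a fixed budget. The risks, dollar figures and control names are constructed for illustration and are not data from any real organization.

```python
# Added example (not from the talk): ranking security controls by return on
# security investment within a fixed budget, using ALE = SLE * ARO and
# ROSI = (ALE reduction - annual control cost) / annual control cost.
from dataclasses import dataclass


@dataclass(frozen=True)
class Risk:
    name: str
    sle: float  # single loss expectancy: dollars lost per incident
    aro: float  # annualized rate of occurrence: incidents per year


@dataclass(frozen=True)
class Control:
    name: str
    risk: str           # name of the Risk this control addresses
    annual_cost: float  # dollars per year (licences, people, operations)
    reduction: float    # fraction of the risk's ALE removed, 0.0..1.0


def ale(risk: Risk) -> float:
    """Annualized loss expectancy: expected dollars lost per year."""
    return risk.sle * risk.aro


def rosi(risk: Risk, control: Control) -> float:
    """Return on security investment; > 0 means the control saves more than it costs."""
    ale_reduction = ale(risk) * control.reduction
    return (ale_reduction - control.annual_cost) / control.annual_cost


def allocate(risks, controls, budget):
    """Greedy allocation: fund controls in descending ROSI order until the budget
    is exhausted, skipping any control that costs more than it saves.
    Returns (names of funded controls, dollars spent)."""
    by_name = {r.name: r for r in risks}
    ranked = sorted(controls, key=lambda c: rosi(by_name[c.risk], c), reverse=True)
    funded, spent = [], 0.0
    for c in ranked:
        if rosi(by_name[c.risk], c) <= 0:
            continue  # negative return: accepting the residual risk is cheaper
        if spent + c.annual_cost <= budget:
            funded.append(c.name)
            spent += c.annual_cost
    return funded, spent


# Constructed illustrative figures, not data from any real organization.
RISKS = [
    Risk("ransomware", sle=500_000, aro=0.2),    # ALE 100,000
    Risk("invoice-fraud", sle=50_000, aro=2.0),  # ALE 100,000
    Risk("lost-laptop", sle=20_000, aro=1.0),    # ALE 20,000
]
CONTROLS = [
    Control("EDR rollout", "ransomware", annual_cost=40_000, reduction=0.6),
    Control("Immutable backups", "ransomware", annual_cost=15_000, reduction=0.5),
    Control("MFA and DMARC", "invoice-fraud", annual_cost=20_000, reduction=0.7),
    Control("Full-disk encryption", "lost-laptop", annual_cost=5_000, reduction=0.9),
    Control("Biometric door locks", "lost-laptop", annual_cost=30_000, reduction=0.5),
]

if __name__ == "__main__":
    by_name = {r.name: r for r in RISKS}
    for c in CONTROLS:
        print(f"{c.name:22s} ROSI {rosi(by_name[c.risk], c):+.2f}")
    print(allocate(RISKS, CONTROLS, budget=60_000))
```

With a 60,000 budget the greedy pass funds full-disk encryption, MFA and DMARC, and immutable backups (40,000 total), skips the EDR rollout because it no longer fits, and rejects the door locks because their ROSI is negative. Greedy-by-ROSI is a simplification: an exact knapsack solution can do better when several controls compete for the last slice of budget, and the qualitative side of the analysis (likelihood/impact ratings) still has to feed the SLE and ARO estimates.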
Robert Pace from Invitation Homes addressed a major attack surface: the endpoint. He stressed the importance of going back to basics and determining the right “tools of choice” for your organization. Discussions on configuration, strategy, budget, and reporting are essential before new technology is introduced, and equally for existing systems that need enhancement.
Ed Harris from Mauser Packaging led an interactive session on becoming a 2.0 CISO. His advice is to use four simple tools. First, hiring smart people builds a strong team capable of bringing new ideas and value. Second, creating visibility is key, because identifying anomalies requires understanding your baseline. Next, a personal R&D practice can draw on think tanks and other resources to problem-solve and stay on top of new developments in cybersecurity. Finally, it is important for CISOs to understand not just security and information-systems language but also business language, in order to make decisions on behalf of the business and move up in their organization.
For the final session of the Assembly, Benjamin Corll, CISO at Coats, addressed automation’s role in cybersecurity. Automation can reduce alert fatigue, fill gaps where resources are lacking, and provide the consistency that the human element lacks. While there is still room for growth and improvement in automation, the only way to progress is to start implementing it.
Insights From Our Solution Providers
Our partners at Sophos led the discussion on targeted ransomware. The best way to combat these targeted attacks is to understand how the attackers conduct them. The key is to keep your guard up and be on the lookout for attacks timed for when the organization is most vulnerable.
Roman Tobe from Abnormal Security gave us the intel on vendor account compromise, including how attackers gain access to vendor accounts and how to stop them. It is important for organizations to understand their normal communication patterns with each vendor in order to more easily detect anomalies and stop an attack before a compromised vendor account wreaks havoc.
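The session’s point that anomalies are only visible against a known baseline (the same point Ed Harris made about visibility above) is easier to see in code. The following is an added example, not Abnormal Security’s detection logic: it builds a per-vendor baseline of sender domains and addresses from past mail, then triages new messages for the signals that typify vendor account compromise. The vendor name, addresses and message texts are constructed. Note the case it is built to catch: when the vendor’s real mailbox is compromised, the sender domain checks pass, and the tell is a Reply-To pointing elsewhere combined with a payment-detail change.

```python
# Added example (not Abnormal Security's logic): baseline how each vendor
# normally communicates, then flag deviations that typify a vendor account
# compromise. Vendor, addresses and messages below are constructed.
import re
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Message:
    vendor: str    # vendor record the message claims to come from
    sender: str    # From: address
    reply_to: str  # Reply-To: address, "" if absent
    subject: str
    body: str


def domain(addr: str) -> str:
    return addr.rsplit("@", 1)[-1].lower()


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to spot lookalike domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


# Content signals typical of payment-diversion fraud.
PAYMENT_CHANGE = re.compile(
    r"\b(new|updated|changed)\b.{0,40}\b(bank|account|wire|routing|iban)\b", re.I | re.S)
URGENCY = re.compile(r"\b(urgent|urgently|immediately|asap|today)\b", re.I)


def build_baseline(history):
    """Per vendor: the sender domains and exact addresses seen in past mail."""
    base = defaultdict(lambda: {"domains": set(), "senders": set()})
    for m in history:
        base[m.vendor]["domains"].add(domain(m.sender))
        base[m.vendor]["senders"].add(m.sender.lower())
    return base


def triage(m: Message, baseline):
    """Return (verdict, findings). 'hold' means do not act on the message,
    least of all on payment instructions, until verified out of band."""
    findings = []
    known = baseline.get(m.vendor)
    if known is None:
        return "hold", ["no communication history for this vendor"]
    sd = domain(m.sender)
    if sd not in known["domains"]:
        near = [d for d in known["domains"] if edit_distance(sd, d) <= 2]
        findings.append(f"lookalike domain {sd} (resembles {near[0]})" if near
                        else f"new sender domain {sd}")
    elif m.sender.lower() not in known["senders"]:
        findings.append("first-seen sender address at a known domain")
    # A genuinely compromised vendor mailbox passes the checks above; the tell
    # is usually a Reply-To pointing elsewhere plus a payment-detail change.
    if m.reply_to and domain(m.reply_to) != sd:
        findings.append(f"reply-to domain {domain(m.reply_to)} differs from sender")
    if PAYMENT_CHANGE.search(m.body):
        findings.append("payment detail change requested")
    if URGENCY.search(m.body):
        findings.append("urgency language")
    if any(f.startswith(("lookalike", "reply-to", "payment")) for f in findings):
        return "hold", findings
    return ("review" if findings else "ok"), findings


# Constructed history and incoming messages for one vendor.
HISTORY = [
    Message("Acme Supplies", "ap@acmesupplies.com", "", "Invoice 1040", "Invoice attached."),
    Message("Acme Supplies", "jane@acmesupplies.com", "", "Invoice 1041", "Invoice attached."),
]
INCOMING = {
    "benign": Message("Acme Supplies", "jane@acmesupplies.com", "", "Invoice 1042",
                      "Please find attached invoice 1042, due in 30 days."),
    # Legitimate mailbox with an attacker inside it: domain checks pass.
    "compromised": Message("Acme Supplies", "jane@acmesupplies.com",
                           "jane@acmesupplies-billing.com", "Re: Invoice 1042",
                           "We have changed our bank account details. Please wire "
                           "payment to the new account immediately."),
    # Impersonation from a lookalike domain (capital I in place of l).
    "lookalike": Message("Acme Supplies", "ap@acmesuppIies.com", "", "Invoice 1043",
                         "Updated wire instructions attached, please use the new routing number."),
}

if __name__ == "__main__":
    base = build_baseline(HISTORY)
    for label, msg in INCOMING.items():
        print(label, triage(msg, base))
```

The benign invoice triages as “ok”, the message from the compromised mailbox is held on the Reply-To mismatch, the payment change and the urgency language, and the lookalike-domain message is held on the domain and the payment change. In practice the baseline would also carry the vendor’s known bank details and the out-of-band phone number used to confirm any change.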
Bruce Hembree from Palo Alto Networks noted that while people take time off, cyber threats are constant. That is why Palo Alto Networks assesses organizations dynamically and in real time and responds automatically to active threats. An automation funnel is used to handle the large volume of alerts and avoid major incidents.
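Neither this session nor Benjamin Corll’s automation session above described how an alert funnel is built, so the following is an added example illustrating the concept in general terms; it is not Palo Alto Networks’ product logic. Alerts pass through four stages, deduplication, suppression of known-benign sources, enrichment with asset context, and routing, so that humans see only what is left at the narrow end. The alerts, allowlist, asset criticality table and rule severities are constructed.

```python
# Added example of an alert "automation funnel" (not Palo Alto Networks'
# product logic). Alerts, allowlist and asset data below are constructed.
from collections import Counter
from datetime import datetime, timedelta

DEDUPE_WINDOW = timedelta(minutes=15)
ALLOWLIST = {("port-scan", "198.51.100.7")}               # authorized vulnerability scanner
ASSET_CRITICALITY = {"dc01": 5, "jump01": 4, "web01": 3}  # 1..5, unknown hosts default to 2
RULE_SEVERITY = {"outbound-c2-beacon": 5, "new-admin-account": 4,
                 "ssh-brute-force": 2, "port-scan": 1}    # 1..5, unknown rules default to 3


def dedupe(alerts):
    """Stage 1: drop repeats of the same rule/host/source that arrive within
    DEDUPE_WINDOW of the first alert kept for that key."""
    last_seen, kept = {}, []
    for a in sorted(alerts, key=lambda a: a["ts"]):
        key = (a["rule"], a["host"], a["src"])
        ts = datetime.fromisoformat(a["ts"])
        if key in last_seen and ts - last_seen[key] <= DEDUPE_WINDOW:
            continue
        last_seen[key] = ts
        kept.append(a)
    return kept


def suppress(alerts):
    """Stage 2: drop alerts matching known-benign (rule, source) pairs."""
    return [a for a in alerts if (a["rule"], a["src"]) not in ALLOWLIST]


def enrich(alert):
    """Stage 3: attach rule severity and asset criticality; score = product."""
    sev = RULE_SEVERITY.get(alert["rule"], 3)
    crit = ASSET_CRITICALITY.get(alert["host"], 2)
    return {**alert, "severity": sev, "criticality": crit, "score": sev * crit}


def route(alert):
    """Stage 4: decide the action. Top-severity rules always page a human."""
    if alert["severity"] >= 5 or alert["score"] >= 15:
        return "page"
    if alert["score"] >= 6:
        return "ticket"
    return "auto-close"


def run_funnel(alerts):
    """Run every stage; return per-stage counts and the routed alerts."""
    stage1 = dedupe(alerts)
    stage2 = suppress(stage1)
    routed = []
    for a in stage2:
        e = enrich(a)
        routed.append({**e, "action": route(e)})
    return {
        "received": len(alerts),
        "after_dedupe": len(stage1),
        "after_suppress": len(stage2),
        "actions": Counter(a["action"] for a in routed),
        "alerts": routed,
    }


ALERTS = [  # constructed sample alerts
    {"id": 1, "ts": "2024-01-08T09:00:00", "rule": "ssh-brute-force", "host": "jump01", "src": "203.0.113.5"},
    {"id": 2, "ts": "2024-01-08T09:02:00", "rule": "ssh-brute-force", "host": "jump01", "src": "203.0.113.5"},
    {"id": 3, "ts": "2024-01-08T09:03:00", "rule": "ssh-brute-force", "host": "jump01", "src": "203.0.113.5"},
    {"id": 4, "ts": "2024-01-08T09:10:00", "rule": "port-scan", "host": "web01", "src": "198.51.100.7"},
    {"id": 5, "ts": "2024-01-08T09:15:00", "rule": "new-admin-account", "host": "dc01", "src": "10.0.0.42"},
    {"id": 6, "ts": "2024-01-08T09:20:00", "rule": "outbound-c2-beacon", "host": "hr-laptop-17", "src": "10.0.5.17"},
    {"id": 7, "ts": "2024-01-08T09:25:00", "rule": "port-scan", "host": "web01", "src": "203.0.113.9"},
    {"id": 8, "ts": "2024-01-08T10:30:00", "rule": "ssh-brute-force", "host": "jump01", "src": "203.0.113.5"},
]

if __name__ == "__main__":
    result = run_funnel(ALERTS)
    print({k: v for k, v in result.items() if k != "alerts"})
    for a in result["alerts"]:
        print(a["id"], a["rule"], a["host"], a["score"], a["action"])
```

Eight alerts enter, six survive deduplication (the 09:02 and 09:03 brute-force repeats collapse into the 09:00 one, while the 10:30 repeat is outside the window and counts as a new burst), five survive suppression, and routing ends with two pages, two tickets and one auto-close. The “severity 5 always pages” rule is the guard that keeps a low-criticality host such as an HR laptop from hiding a command-and-control beacon behind a low score; whatever thresholds are chosen, the auto-close branch should still be logged so it can be audited and tuned.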
Troy Ament and Jay Mervis from Fortinet led a workshop on evolving threats within healthcare. Between the increase in virtual visits and the rise of AI and machine learning, there is no doubt that digital innovation is bringing an increase in cyber threats. That is why it is important for leaders to integrate network solutions with security policies.
Chris Hills from BeyondTrust explained how to switch from a reactive to a preventative approach to endpoint security. As threats continue to evolve, endpoints are becoming more complex, which leaves companies needing to do more with less. Furthermore, the “new normal” has created a perfect storm for privilege abuse. Because of this, organizations need complete endpoint security that acts as an ecosystem, not a single solution. One key part of creating a secure ecosystem is removing admin rights from end users and giving them just enough privilege to do their job.
Jeremy Briglia from Qualys noted that it is important to automate without increasing the associated risks. Continuous risk assessment helps ensure risks do not slip through the cracks. Asset inventory, vulnerability and configuration assessment, patch management, and threat-based risk prioritization are essential to mitigating these risks.
And the Winner of The Millennium Mission Prize is…
The Millennium Alliance will donate $1,000 on behalf of Mario Memmo to the charity of his choice. Mario won this award as a part of The Millennium Alliance’s new initiative, Millennium Mission, in which we donate to charities such as AdoptAClassroom.org, Feeding America, The Miracle Walk, the U.S. Coronavirus Emergency Response, and others on behalf of the most engaged attendee for each event. We are excited to make a donation in Mario Memmo’s name!
Don’t miss out on the next Transformational CISO Assembly! Join us on April 27th for our Transformational CISO Assembly & CISO Financial Services Virtual Assembly. Go here to RSVP.