Is the Market Ready for Integrated Cyber Risk Management? – Victor Gamra – RSA22 #2
Cyber risk management is now a dynamic practice for security teams and leadership. It requires up-to-date risk intelligence across many factors - external, internal, third parties, cloud posture - to inform the right decisions and enable cyber risk quantification and risk modeling to be more dynamic. Victor will discuss what drove him to leave security leadership and start a company to solve the problems he experienced with cyber risk management and how the market is responding.
Segment Resources: https://fortifydata.com/request-an-assessment This segment is sponsored by FortifyData. Visit https://securityweekly.com/fortifydata to learn more about them!
Victor Gamra, CISSP, CISM, PCIP is the Founder and CEO of FortifyData. Prior to building a trusted Cyber Risk Intelligence company, Victor was the CISO for a Credit Reporting Agency in Atlanta and saw the opportunity fill a gap in the market with a platform that uses live data for accurate cyber risk exposure representation that reduced false positives and misattributions. Victor has previously spoken at cybersecurity events, training programs and industry specific virtual events.
The Internet Became the Corporate Network, & Where SASE Goes From Here – Amit Bareket – RSA22 #2
Two important shifts over the last two years transformed what we once knew as an on-premise ecosystem into a global system accessible from anywhere. One is remote work, which began as a temporary measure to get us through the early days of the pandemic and has since become the norm. The other is cloud adoption, which was mainstream even before the pandemic, but has seen another bump in the last two years. As a result, the internet has become the new corporate network. Where do we go from here? This segment is sponsored by Perimeter 81. Visit https://securityweekly.com/perimeter81 to learn more about them!
The Culture Blindspot: Harmonizing DevSecOps Helps Curb Burnout – Sonali Shah – RSA22 #2
Recent data shows that security and development teams are still stressed, and they’re taking that stress home with them. Not only are they spending unnecessary hours addressing security issues that they could have otherwise prevented with modern tools and best practices, but also these teams are taking time out of their personal lives during holidays and on weekends to manage critical issues, contributing to burnout and ultimately churn. There’s good news, though: relationships between security and development are steadily improving, and with the right support and modern tooling at hand, you can transform the lives of cybersecurity professionals while also boosting your organization’s security posture, too. This segment is sponsored by Invicti. Visit https://securityweekly.com/invicti to learn more about them! This segment is sponsored by Invicti. Visit https://securityweekly.com/invictirsa to learn more about them!
A seasoned business and product leader, Sonali Shah brings more than 20 years of B2B SaaS and cybersecurity sector experience, having led product management, marketing, and strategy teams at companies such as HUMAN (formerly White Ops), Veracode, BitSight, and VeriSign, among others. Skilled at leading teams with a proven track record in bringing innovative solutions to market, she will be building on Invicti’s long history of innovation, transforming the application security market, with its enterprise Netsparker and mid-market Acunetix solutions.
Latest Trends in Identity & Access – Meritt Maxim – RSA22 #2
Merritt Maxim discusses the latest trends on identity access and how organizations should tackle the ever expanding user security challenges.
Merritt leads Forrester’s Security & Risk research team focused on cloud security, identity security, endpoint security, and proactive security. As research director, Merritt leads a team of analysts who publish research, deliver thought leadership, and conduct client advisories on cutting-edge topics related to cloud security, identity and access management (IAM), endpoint security, IoT/OT security, vulnerability management, and proactive security. Merritt has spoken at industry events such as the RSA Conference and Cloud Identity Summit, and his insights are widely cited in publications such as the Wall Street Journal, Dark Reading, and CSO Online. Merritt’s research focuses on identity security, physical security, cybersecurity M&A, and overall cybersecurity market trends and growth.
Healthcare FHIR’d Up: Examining API, & App Ecosystem Security Risks – Alissa Knight – RSA22 #2
Alissa Knight discusses previous API research on the FHIR ecosystem, including vulnerabilities caused by data aggregators and app developers, which pose data privacy and security concerns. Knight will examine potential solutions to securing the backbone of the healthcare sector's interoperability plan.
Alissa Knight is a partner at Knight Group where she’s the Director and Executive Producer at Knight Studios, and partner at Knight Ink, Knight Events, and Knight Publishing. She’s a recovering hacker of 22 years after being arrested for hacking into a government network at 17. Over the last two decades, Alissa has sold numerous cybersecurity startups to public companies as a serial entrepreneur and is a published author. Alissa is now an award-winning filmmaker at Knight Studios where she produces scripted narrative short and feature films in cybersecurity crime dramas for vendors as a form of disruptive content marketing.
Trickle Down Effects From Threat Hunting on Federal Networks – Michael Daniel – RSA22 #2
The Cybersecurity and Infrastructure Security Agency recently received new authorities to conduct proactive threat hunting on federal networks, while the Pentagon intends to stand up similar programs for defense contractors. SC Media cybersecurity reporter Derek Johnson will talk with CTA president Michael Daniel about how why these activities are designed to help the federal government identify latent threats and vulnerabilities and what (if any) trickle down effects there may be for the broader threat intelligence ecosystem in the public and private sector.
Michael Daniel currently serves as the President & CEO of the Cyber Threat Alliance (CTA), a not-for-profit that enables cyber threat information sharing among cybersecurity organizations. Prior to coming to CTA in March 2017, Michael served for four years as US Cybersecurity Coordinator, leading US cybersecurity policy development, facilitating US government partnerships with the private sector and other nations, and coordinating significant incident response activities. From 1995 to 2012, Michael worked for the Office of Management and Budget, overseeing funding for the U.S. Intelligence Community. Michael also works with the Aspen Cybersecurity Group, the World Economic Forum’s Partnership Against Cybercrime, and other organizations improving cybersecurity in the digital ecosystem. In his spare time, he enjoys running and martial arts.
