This half-day virtual seminar will explore the strategic conversations that are critical for leaders to have in order for the business to remain resilient in the event of a security incident or data breach. What challenges are CISOs facing in building out their security strategies from a people, process, and technology standpoint? During the leadership panel, our guests will share their perspectives on how organizations prepare for, respond to, and recover from cyber incidents. The panel will be followed by three traditional sessions that provide different approaches on a range of topics related to incident management including prevention and detection strategies as well as managing through and recovering from a crisis.
March 6, 2025 | 8:00 AM PT | 11:00 AM ET
PART 1: Leadership Panel: Leading with Resilience
Building Resilient Systems demands strong and deliberate leadership. While the cybersecurity industry has broadened its focus on prevention and detection to include response with an increased focus on resilience, how are today’s leaders fostering a culture of resilience? Join this panel to hear how industry leaders are building trust within their organizations and empowering teams to design and implement strong security measures that encourage collaboration and enable a swift recovery in the face of a cyberattack.
Moderator: Bobbie Stempfley, VP, Product Business Unit Security Officer, Dell Technologies
Panelists: Sean Atkinson, CISO, Center for Internet Security; Arthur Deane, Vice President, Cyber, Capital One; Tia Hopkins, Chief Cyber Resilience Officer and Field CTO, eSentire; and Kanika Saraiya Havelia, Senior Director, KPMG Consulting
PART 2: Traditional Sessions
These sessions run concurrently, and attendees are free to move between sessions as they wish.
The Interactive Discussion will follow Chatham House Rule to allow for free exchange of information and learning. We look forward to participants actively engaging in the discussion and remind attendees that no comment attribution or recording of any sort should take place. Media are not permitted to attend.
| | Interactive Discussions | Traditional Sessions |
|---|---|---|
| Session 1 | Building Resilient Systems: Demanding Secure by Design and Default<br>Asset owners cannot be absolved from cybersecurity risk, but is it fair to put the total cost on customers for securing products they use or for manufacturers or integrators to charge more to deliver or configure a secure product? During this Birds of a Feather session, colleagues will explore challenges and potential solutions for building resilient systems when shopping for critical products and services that society relies on.<br>Speaker: | Building Resilient Systems: The Power of Listening to Practitioners<br>In today’s fast-changing world of cybersecurity, building resilient systems isn’t just about technology—it’s about teamwork. When leaders truly listen to their security practitioners, they tap into a well of expertise that can make all the difference. In this session, we’ll explore how collaboration between leadership and practitioners leads to stronger, more adaptable systems. From designing fail-safes to planning for the unexpected, we’ll look at real-world examples where practitioner input shaped success. Join us to learn how fostering open communication can transform resilience from a goal into a reality.<br>Speaker: |
| Session 2 | Resilient OT Cybersecurity: Challenges & Solutions<br>Join this Birds of a Feather to discuss how to build a resilient OT cybersecurity program. This open conversation will allow OT professionals to share their struggles and hear from industry peers and colleagues about how to mitigate cybersecurity risks in OT environments. Learn about free resources and explore effective strategies to strengthen your OT security posture.<br>Speakers: Stephen Jensen, Sr Director Plans, Programs, and Exercises, The Center for Internet Security (CIS) | All Aboard! A Train Ride to Resilient Cybersecurity<br>The US delegation looks at the path toward the international framework for railway cybersecurity, IEC 63452, which addresses the unique challenges of the rail industry, integrating safety, security, and operational efficiency. With this framework, railway operators, policymakers, and cyber professionals can enhance their cyber posture, protect critical infrastructure, and ensure operational resilience. This session will highlight why, regardless of sector, the effort to develop international frameworks can help any industry build more resilient systems.<br>Speaker: |
| Session 3 | Building a Resilient Cyber Workforce<br>This Birds of a Feather discussion is intended to bring together Cyber Talent Managers who are Security Team Leads and HR Managers to help organizations shift their thinking around hiring and retention practices and establish clear and actionable solutions for their cyber workforce.<br>Speaker: | How to Create a Threat Modeling Process and use ATT&CK<br>Practical threat modeling experience is often centered in a single organization, and the fish doesn’t see the ocean. Learn from experts serving hundreds of organizations how ATT&CK provides an empirically grounded model that’s been successfully applied across commercial and government customers.<br>Speakers: Adam Shostack, President, Shostack + Associates; Kyle Wallace, Operational Technology Device Security Lead, MITRE Corporation |
GIAC and ISC2 members can earn CPE credits for attending this virtual seminar live.
This virtual seminar is sponsored by Wiz. Wiz is a cloud security company, founded in 2020. Organizations of all sizes and industries use Wiz to rapidly identify and remove the most critical risks in AWS, Azure, GCP, OCI, Alibaba Cloud and Kubernetes so they can build faster and more securely. Gain unmatched visibility, accurate prioritization and business agility.