The CISO Chapter North America

Explore the transformative power of AI in advanced threat detection. You will learn how to implement AI-driven security solutions to identify and mitigate sophisticated threats, enhancing your organisation's security posture. The session will cover practical strategies, real-world case studies, and the latest advancements in AI technologies tailored for cybersecurity applications.

Key Takeaways:

• Understand how AI can enhance threat detection capabilities and improve incident response times.
• Learn best practices for integrating AI-driven solutions into existing security frameworks for maximum effectiveness.

Drawing on his 30+ year career leading projects in the US Federal government and his experience as an executive at Fortinet—a leading global cybersecurity company—Jim Richberg will share principles and practices he found useful for driving transformation in the public sector. Jim will use examples from cybersecurity and AI to illustrate some rules of thumb and share lessons learned from his experience leading projects across teams in government at both the agency and national levels.

Key Takeaways:

• Discuss practical and applicable ways to manage technology transformation and innovation for both the public and private sectors
• Apply the 7 Guiding Cybersecurity Principals of transformation to your organization in order to stay one step ahead of threats, maximize efficiency and ensure success

Legacy SOAR (Security Orchestration, Automation, and Response) technology promised to revolutionize security operations. Unfortunately, the first generation of these platforms has gained a reputation for rigid playbooks that require extensive development resources, poor case management features, and limited use cases. That’s why Swimlane developed a more modern and extensible approach to security automation.

Key Takeaways:

• A clear understanding of automation’s role in security and why it is an imperative
• Best practices and real-world use cases for security automation

Innovation demands speed—but rapid DevOps and AI initiatives often collide with data security, privacy, and compliance risks. As non-production environments become a growing attack surface, IT and security leaders must rethink how data is delivered across development, testing, and analytics workflows.

This session explores how forward-thinking organizations are embracing secure data automation to eliminate friction, reduce exposure, and accelerate innovation. We’ll examine how policy-driven data delivery—integrated into DevOps and AI pipelines—can drive agility without sacrificing control.

In today’s threat landscape, having a well-defined incident response plan is crucial for minimising damage and ensuring swift recovery from cyber incidents. This workshop will focus on the importance of developing and implementing robust incident response and recovery strategies. CISOs will learn how to identify potential threats, establish clear communication protocols, and create a response framework that enhances organisational resilience.

Key Takeaways:

• Learn the key components of an effective incident response plan to mitigate risks and enhance recovery.
• Explore best practices for testing and refining incident response strategies to ensure preparedness in the face of cyber threats.

Get hands-on with the latest technology from Elastic. Explore real-world applications, see the platform in action, and discover how it may support your cybersecurity strategy.

In a landscape where cyber threats are ever-evolving, fostering a culture of cybersecurity awareness is essential. This workshop will equip CISOs with the strategies to lead effective employee training programs that enhance awareness and prepare teams to recognise and respond to security threats. Participants will explore best practices for designing engaging training modules and fostering a proactive security mindset across the organisation.

Key Takeaways:

• Discover effective techniques for developing impactful cybersecurity awareness training programs.
• Learn how to measure training effectiveness and ensure continuous improvement in employee engagement with security practices.

Explore how leveraging GenAI and no-code automation in SIEM can revolutionize the SOC. By simplifying alert triage, optimizing signal-to-noise ratio, and automating low-value tasks, analysts can focus on higher-level responsibilities. Additionally, these advancements foster improved communication and collaboration between security and IT teams, driving overall performance. The session will also delve into strategies for measuring performance and efficiency to boost engagement and job satisfaction.

Key Takeaways: 

• Discover three GenAI use cases that can elevate SOC Analyst job satisfaction and performance.
• See how simple it is to build workflows using no-code automation across IT and security

Get hands-on with the latest technology from Fortinet. Explore real-world applications, see the platform in action, and discover how it may support your cybersecurity strategy.

Quality in pentesting can mean different things for different groups of people--from the prospective buyer to an existing customer, to the pentester delivering the test, to practitioners in our industry. There are several factors that make up a good pentest; in this workshop, we will uncover some of these factors and why they are important. Each topic has nuances, potential pitfalls and areas of focus, which we will discuss to prepare you for your next pentest engagement.

We will touch on the following topics: 

• Preparation - This includes the sales cycle, scope agreement, and credential sharing; in short, everything that is needed to perform the test is gathered during this step.
• Kickoff/Onboarding - This is where stakeholders and the delivery team meet to align their expectations and approach. 
• Testing - This is the main activity for the penetration testers; it includes discovery, threat modeling, exploitation, post-exploitation, etc. 
• Reporting - How are reports shared, what options are available, does it work for your team? 
• Re-testing - This is where the recommended remediation steps are implemented and can be double-checked to ensure the vulnerabilities are no longer present and the exploits are no longer viable. 
• Feedback - Here, we gather information about how the test went, how pentesters performed, how engaged the customer was, etc. 

In the fast-paced world of cybersecurity, automation has become essential for improving efficiency and responsiveness in security operations. This workshop will explore how organisations can leverage automation tools to streamline incident response, reduce manual workloads, and enhance overall security posture. Participants will gain insights into practical applications of automation in threat detection, monitoring, and remediation, enabling them to respond more effectively to emerging threats.

Key Takeaways:

• Discover key automation tools and techniques that can enhance security operations and reduce response times.
• Learn how to implement automation strategies that improve efficiency and bolster your organisation’s cybersecurity defences.

Get hands-on with the latest technology from Netskope. Explore real-world applications, see the platform in action, and discover how it may support your cybersecurity strategy.