Black Hat CISO Summit — August 7, 2018
Four Seasons, Las Vegas, NV


08:00 – 08:15 Welcome and Introductions
Brian Gillooly, Co-Host, Black Hat CISO Summit and Moderator
Jeff Moss, Founder, Black Hat
08:15 – 12:00 Morning Sessions – A Focus on Technologies
08:15 – 08:45 Keynote: A Full Court Press Against Your Cybersecurity Adversaries
Alissa Johnson, Vice President and Chief Information Security Officer, Xerox
As security executives, we sometimes take our eye off the ball at the most important moments. With the game on the line, and complexity swirling all around us, it's difficult to stay focused and prevent the other team from sneaking in for the steal. Dr. Alissa ("Dr. J") Johnson, CISO of Xerox, provides some much needed advice on how to hone all parts of your security game so you can prevent the fundamentals from becoming stale, and also perfect the skills that allow you to occasionally sweep in for the thundering dunk.
08:45 – 09:15 Black Hat Briefings Overview
A panel of cybersecurity luminaries who will be leading sessions at the Black Hat USA Conference briefings will provide a review of the hottest topics being covered the next day at the show to give summit attendees a leg up on what to attend and what to look for during the conference. This round-robin conversation will set the premise for audience conversation and offer a framework for post-event action items for attendees. Topics will include security issues related to IoT, AI, blockchain, DevSecOps, and more.
09:15 – 09:45 The REAL Impact of AI on Cybersecurity
It's time CISOs were immersed in the impact of AI and machine learning on cybersecurity and learned what's really going on beyond the headlines: not just how intelligent technologies and predictive analytics can help security professionals anticipate threats and improve their defenses, but also how adversaries are beginning to use the same technologies to thwart traditional defensive approaches. In this session, our experts cut through the BS and make realistic recommendations for the role of AI in today's security planning, including recommendations for where humans should focus their efforts and where mature AI can help with automation, analytics, and orchestration as a force multiplier.
09:45 – 10:00 Networking Break
10:00 – 10:30 Using Blockchain to Improve Security, Efficiency, and Trust
To be sure, blockchain technology has been used primarily in the emerging cryptocurrency realm, but this distributed transaction platform is beginning to make its way into enterprise-level environments in the form of massively parallel payment processing and transaction systems. While one of the expectations for a blockchain environment is improved trust in the transaction system, the distributed model is a target for hackers looking to exploit multiple vulnerabilities. In this session, our experts discuss the realities of blockchain in the enterprise and the awareness CISOs must have in protecting their companies from internal and external uses of the technology.
10:30 – 11:15 The Critical Security Future for IoT
IP-enabled devices are proliferating throughout every enterprise, and it's creating a headache for CISOs trying to keep ahead of the increasing vulnerabilities. And it's not just IT that IoT impacts, it's also operational technology. Thus far, most IoT defense strategies involve a patchwork and retrofitted approach. Some IoT security frameworks exist, but there isn't an industrywide, ISAC-like effort for CISOs to share best practices in getting ahead of the issue. In this session, experts discuss short- and long-term solutions for proper secure management of IoT and OT in the enterprise.
11:15 – 11:55 Baking in Security: Why You Should Be Practicing DevSecOps
DevOps demonstrated to IT practitioners that combining development best practices with operational guidelines can yield faster results and better software. DevSecOps enables IT to incorporate security protocols into the process, saving time, money, and headaches as security is implemented and tested iteratively during development. Experts present case studies of companies succeeding at DevSecOps and discuss the challenges of retrofitting existing development processes, training staff, and bridging on-premise vs. cloud-based approaches. We'll also discuss the realities of the time, costs, and skills involved in setting up DevSecOps and keeping it running smoothly.
12:00 – 13:10 Networking Lunch
13:15 – 17:00 Afternoon Sessions – A Focus on Strategy and Implementation
13:15 – 13:45 Bolstering Discovery/Repair While Improving Detection/Response
Experts from businesses that have made the decision to improve their proactive approach to cybersecurity offer their advice and experiences for adjusting budget, technologies, training, resources, and processes to shore up their discovery approach and institute a better detect/response gameplan. They'll discuss the role of predictive analytics, endpoint detection response, security service providers, cloud vs. on-premise platforms, and other proactive strategies, and will offer suggestions on how to measure success for reporting back to the business.
13:45 – 14:30 How to Excel at Measuring Risk: The Risk/Cost Ratio
In 2018 and beyond, are CISOs ready to not just understand their level of risk, but also properly measure it? And what is that acceptable level? Whether the result of years of pressure from corporate beancounters, or a sound fiscal strategy that emerged in the face of relentless attacks, a standard methodology for measuring value at risk can improve a company's ability to prioritize resource spend and to keep residual risk below the company's risk appetite. This interactive session led by CISOs covers the difficult financial and technological decisions that have to be made in order to achieve acceptable levels of defense in a continually evolving risk/cost model. We have to face facts: Most CISOs simply don't have good situational awareness when it comes to assets, privileges, and exposure on a near real-time basis. What is the CISO's role – and responsibility – in such a scenario?
14:30 – 14:45 Networking Break
14:45 – 15:30 The Evolution of the CISO's Role and the Importance of Workforce Diversity
The only constant is change, and that can certainly be said about the role of the CISO. Technical expertise is still important, but successful CISOs need to be excellent managers and communicators. They need to know how to hire good corporate employees with skills for the future; communicate with management and the board; make sound decisions on outsourcing, cost reductions, and departmental collaboration; and retain a diverse and motivated workforce. In this session, our expert explains how to stay ahead of the curve and maintain relevancy in a rapidly evolving cybersecurity landscape.
15:30 – 16:15 The Breacher Report
Hey, sports fans! It's time for an update on the latest security breaches and threats and how they're going to impact unforeseen threats in the near future. In this session, our expert provides an up-to-the-minute report on the most dangerous and pervasive new security hazards and what to do about them, a rundown on which threat actors are trying to break into your lineup, and how the game is about to change.
16:15 – 17:00 Future Threats & Criminals – A Whiteboarding Workshop Session
Following our 'Breacher Report' on existing cyber threats, our team of experts leads an interactive whiteboarding session designed to identify potential future threats and incorporate much of the conversation and insight from earlier in the day into this workshop in order to map out action items for audience takeaway. By the end of the session, attendees will have a concrete plan to bring back to the office and share with colleagues, so they can address today's issues and anticipate future threats with a ready strategy.
17:00 Closing Remarks
17:00 – 18:00 Cocktail Reception