Black Hat is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

August 1 - 6, 2020
Virtual Event

Black Hat CISO Summit

Tuesday, August 4, 2020

The Black Hat CISO Summit is an approval-only event during Black Hat USA which brings together top security executives from global corporations and government agencies for a full day of unique discussions. Offered the day before the main Black Hat USA Briefings sessions, the CISO Summit is intended to give CISOs and other InfoSec executives leading-edge insight into the latest security trends, technologies and enterprise best practices.

All applications will be reviewed by Black Hat management, and notifications will be sent to applicants by July 24. Attendee guidelines are located within the application form.

*Please note: In order to create an open and candid environment that promotes the sharing of ideas and discussion, the CISO Summit will follow Chatham House Rule; neither media nor event coverage is permitted. This program was designed for executive security practitioners; solution providers and vendor attendees are limited to event sponsors.

Advisory Board

Justine Bone
Trey Ford
Jeremiah Grossman
Robert Hansen
Wendy Nather
Alex Stamos
Saša Zdjelar


Tuesday, August 4

9:00 – 9:30 AM
Welcome and Introductions
9:30 – 10:00 AM

The Next-Generation CISO: Deploying a value-based approach to cybersecurity

It's time to view your cybersecurity voyage with new eyes. The next-generation CISO is a customer-oriented business partner. As individuals and organizations, we're on a mission to keep our technology ecosystems safe and secure. Learn how partnering with key business stakeholders and your customers can help you achieve long-lasting systemic change and increase cybersecurity.

  • Roberto Suarez, VP, CISO, Becton Dickinson
10:00 - 10:15 AM Networking Break
10:15 – 10:45 AM

Shadow IT: Adversary or Ally?

In this session we will discuss how a CISO can most effectively engage with Shadow IT so as to turn the relationship from the traditional adversarial to an effective partnership that benefits both the Shadow IT group and the security program. We will specifically discuss:

  • What is Shadow IT and why does it exist?
  • Why is Shadow IT generally a good thing to the organization?
  • Aligned goals and objectives is the first step to a successful relationship with Shadow IT
  • Navigating the tension between IT and Shadow IT
  • Some cautionary tales

The goal of this presentation is to equip CISOs of all experience levels with a new appreciation of Shadow IT and how, with effort to build effective relationships, dramatic improvements to the organizational security program can be achieved.

  • Martin Fisher
10:45 – 11:00 AM Networking Break
11:00 – 11:30 AM


You have probably heard about Zero Trust, probably too much. You might be sick of the term even. Don't fret. This session will delve into the hard realities of why this strategy makes sense and discuss why you should actually care. Join in and get the truth on what Zero Trust is, where it came from, why it works, and don't worry there will be no vendor spin allowed.

  • Chase Cunningham, Forrester
11:30 AM - 12:15 PM Networking Break/Lunch
12:15 – 12:45 AM

Hide and Seek: A CISO's guide to the "new normal" of insider threat


The global pandemic has forced an emergency shift to remote work in many countries and all verticals. The IT and security efforts to implement this shift for has been less than graceful. This, coupled with large-scale layoffs due to a struggling economy has created unique problems for security organizations, which have themselves been impacted by layoffs. Insider threats and disgruntled employees have never before posed as much risk to organizations as they do right now. What can CISOs do to mitigate this risk? Gal and Rob will frame the problem and discuss solutions and best practices in this new normal for cyber security, from a blue and red team perspective.

  • Rob Fuller, Executive Security Consultant
  • Gal Shpantzer, vCISO
12:45 - 1:00 PM Networking Break
1:00 – 1:30 PM

How Microsoft enabled a fully remote workforce during a global pandemic

Jonathan Trull will be presenting on Microsoft's response to COVID, specifically, lessons learned, guidance, and best practices to how we moved our own employees to work remotely and how we securely managed 97% of our workforce shifting to remote work overnight.

  • Jonathan Trull
1:30 - 1:45 PM Networking Break
1:45 – 2:15 PM

Cybersecurity Futures 2025

This session explores, via four alternate scenarios, the new and different ways in which technology will intersect with society in 2025, and the resulting cybersecurity problem sets faced by businesses, governments, and societies. The session begins with an introduction to the scenario methodology and a description of the four ‘alternate future worlds' we used as the basis for the work. We will then present the top challenges and opportunities that emerged from our research, and how those challenges are viewed differently around the world. Next, we will present overall results to date, and discuss the implications of those results - and what CISOs might be grappling with in the future. Finally, we will walk participants through examples of the types of criminals, black markets, and threats that might result from the new security environment, and how our view of this has changed (or not changed) in the pandemic.

  • Ann Cleaveland, Executive Director, Center for Long-Term Cybersecurity, UC Berkeley
  • Steve Weber, Faculty Director at the Center for Long-Term Cybersecurity and Professor in the School of Information
2:15 - 2:30 PM Networking Break
2:30 – 3:00 PM

What Got Us Here (May) Get Us There: Trends from over a decade of DBIR reporting

The Verizon Data Breach Investigations Report (DBIR) has been a staple in security reporting for over a decade, always aiming to both document and inform on the current shape of the security threat landscape. It has also been a cathartic outlet of bad jokes and puns for the authoring team.

While the main purpose of the report is to examine what has recently (and not so recently) occurred, it has become clear to the team that over time attackers will attempt to maximize their Attack Return on Investment (AROI). While we can't tell you what the Next Big Attack (tm) will be, we'll delve into what the data suggests will define it and help to prepare for it.

Join us on a critical analysis of over a decade of alternating very stale and surprising trends, and learn how to better strategize in a landscape that changes very slowly at first and then suddenly all at once.

  • Alex Pinto, DBIR Team Manager and Co-author, Verizon
  • Gabe Bassett, DBIR Lead Data Scientist and Co-author, Verizon
3:00 - 4:00 PM Closing Reception