Black Hat CISO Summit
Tuesday, August 3, 2021
The Black Hat CISO Summit is an approval-only event during Black Hat USA which brings together top security executives from global corporations and government agencies for a full day of unique discussions. Offered the day before the main Black Hat USA Briefings sessions, the CISO Summit is intended to give CISOs and other InfoSec executives leading-edge insight into the latest security trends, technologies, and enterprise best practices.
Application Portal is Now Closed
The registration window is now closed, thank you for your interest.
All applications will be reviewed by Black Hat management, and notifications will be sent to applicants by July 23. Attendee guidelines are located within the application form.
*Please note: In order to create an open and candid environment that promotes the sharing of ideas and discussion, the CISO Summit will follow Chatham House Rule; neither media nor event coverage is permitted. This program was designed for executive security practitioners; solution providers and vendor attendees are limited to event sponsors.
Tuesday, August 3
9:00 – 9:15 AM
Welcome and Introductions
9:15 – 9:45 AM
How Can New and Existing CISOs Stand Out From the Crowd and Separate Themselves From Others as They Compete for Desired Roles?
For new and existing CISOs the job market has never been riper with opportunity. The CISO has become the critical hire for many organizations regardless of industry, company size, or location. Whether a company is hiring a CISO to secure their products, achieve compliance, build customer trust, or demonstrate executive leadership, the job opportunities are plentiful. How do you know if you are a match?
We intend to explore these and other areas to help CISOs better comprehend the new world job market.
9:45 – 10:15 AM
Live Breakout Sessions:
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security
The SolarWinds attack brought additional scrutiny to software supply chain security, but concerns about organizations' software supply chains have been discussed for a number of years. Development organizations' shift to DevOps or DevSecOps has pushed teams to adopt new technologies in the build pipeline, often hosted by third parties. This has resulted in build pipelines that expose a complicated and often uncharted attack surface. In addition, modern products incorporate code from a variety of contributors, ranging from in-house developers and third-party development contractors to an array of open source contributors.
This talk looks at the challenge of developing secure build pipelines. It does so by constructing a threat model for an example software build pipeline that walks through how the various systems and communications along the way can be misused by malicious actors. Coverage of the major components of a build pipeline (source control, open source component management, software builds, automated testing, and packaging for distribution) is used to enumerate the likely attack surface exposed via the build process and to highlight controls that can be put in place to harden the pipeline against attacks. After introducing the threat model, the presentation becomes an interactive discussion that will help attendees both evaluate internal build processes and ask vendors questions to better understand the maturity of their practices.
Anatomy of a Breach with CyberArk Labs: Supply Chain & Privilege
Examining revelations from the SolarWinds and Codecov attacks, it's clear that the compromise of identity and manipulation of privileged access were instrumental in their success. In this session, CyberArk Labs deconstructs these breaches to shed light on supply chain risk and the lure of identity compromise by breaking down the key phases of the attack, from initial infection and customer targeting, through privilege escalation, to high-value assets.
Executive (dis)Orders: Cognitive and Systemic Risk in the Boardroom
Organizations have to address various forms and manifestations of risk: cyber risk, financial risk, supply chain risk and many others. Lately it seems that a large portion of innovation and disruptive thinking is coming from the bottom of the org chart and not so much from the top.
This session will dive into some strategic questions about risk that plague every business both large and small. Building secure systems and technology platforms that are resilient and profitable is not impossible, but increasingly difficult unless we strive to understand two oft-overlooked sources of trouble: cognitive risk and systemic risk.
10:15 – 10:30 AM
CISO Panel: Why Data-Science-Powered Behavioral Analytics Is Critical to Modern Cyber Defenses
Staying ahead of cybercriminals and insider threats is more critical than ever. It's also important to automate as much of your security operations as possible. Data-science-driven controls enable you to focus on what's important: to connect the dots, weed out false positives, and get high-efficacy results. Hear from peers with extensive experience implementing successful machine-learning-based cybersecurity controls. We'll discuss the nuances of what to look for when evaluating data science cyber defenses, explore the business value of ML behavioral analytics, and provide insights into how this technology has radically improved the panelists' organizations' security posture.
10:30 – 11:00 AM
Widespread & Worsening Cyber Events: A Cyber Insurer's Perspective
"Think earthquake modeling and building codes but for cyber security. Yes, this exists."
A leading cyber insurer's view of the state of cybersecurity, and cyber insurance, in 2021 and beyond. As ransomware continues to dominate the headlines, Matt will provide details on the state of the cyber insurance industry and the various efforts underway to make it an even more ingrained part of the holistic solution. Given the escalating market failures in the cybersecurity and technology industries, cyber insurance also needs to change, and the data that cyber insurers hold is valuable. Matt will discuss how and why insurance data, together with a common lexicon for "cyber catastrophes" in insurance contracts, will inform society and continue to break down the walls between technology, cybersecurity, legal, insurance, and governments.
11:00 – 11:30 AM
Live Group Discussion
Be a part of the discussion. Join Advisory Board members Jeremiah Grossman, Wendy Nather, and Saša Zdjelar for a moderated discussion on the following topics:
Attendees should come ready to ask questions and actively participate.
11:30 – 11:45 AM
Why Security Transparency Makes for Good Corporate Governance
Transparency in hiring, sustainability and privacy is in demand from consumers, investors, and regulators. Boards of directors are paying attention and changing their practices as a result. Is cybersecurity transparency next?
This session will cover the fast-developing realm of responsible disclosure practices, the rise in outside-in security testing, and the pressure for disclosure within supply chains. This mindset shift, from secrecy to transparency, is already happening. Topics include:
11:45 AM – 12:00 PM
Break
12:00 – 12:30 PM
Great Expectations (for Cyber Incident Response)
As the prevalence of cybersecurity incidents increases, more organizations have been obligated to keep incident response firms on retainer, or to hire them at full price in the midst of an intrusion. Many of the most high-profile and lauded firms have reached their maximum capacity and have waitlists for new customers. As a result, many new incident response service providers have moved to fill the gap. Some firms provide exceptional service and boast top talent. Others are unfortunately not prepared to provide quality incident response services and are essentially ambulance-chasing. This presentation will discuss the reasonable expectations a customer should have of their incident response provider, along with an overview of the proper incident response onboarding process and technical lifecycle. Attendees will learn to recognize key indicators of good quality and warning signs of poor quality in incident response service.
12:30 – 12:45 PM
A Seat at the Table: CISO Priorities are Business Priorities
During the past tumultuous year, CISOs have juggled many issues, including those brought on by the pandemic and a massive increase in the scale and scope of hacking, ransomware, and cybercrime. This session will dive into these challenges and look at how they have transformed the role of the CISO into that of a business enabler. Ben will share his expert advice on how CISOs can capitalize on this opportunity and keep the seat they've gained at the table.
12:45 – 1:15 PM
How to Put Breaches on Your Resume and Live to Tell the Tale
We live in a time when the probability of a breach is high. As security leaders, we build our security programs informed by that fact. We think about things like incident prevention, detection, and response across our data, systems, and networks. But we also should reserve time to think about what happens to our organizations, security teams, and our own careers ahead of the breach.
Bob Lord has had a front row seat at organizations that have experienced much publicized breaches. In this talk, he'll reflect on how companies and executives think about security, how that affects their actions, and how to build a more weatherproof career.
1:15 – 1:45 PM
Live Breakout Sessions:
Defending the Build Pipeline
Software runs the world, and that's never been truer than it is today. From healthcare and transportation to finance and entertainment, software enhances our experience with hardware and with each other. The development and deployment of software creates a bottleneck risk that can impact many aspects of our lives. We will have an open discussion on the strategic implications of poorly protected build processes and how companies should be strategizing to better protect their software deployment journey.
Today's CISO: Leading a Resilient Enterprise
Cybersecurity in any organization is measured by two instants in time: "before pandemic" (BP) and "after pandemic" (AP). The BP CISO was largely viewed as the leader of a technical team, a cost center, and the department of "no". The AP CISO is viewed as critical to the success of business outcomes, a trusted advisor to C-suite colleagues and the board, and the leader of cross-functional teamwork.
Join the AT&T Cybersecurity team to learn how the role of the CISO is evolving in an AP world and how the decisions made by CISOs today matter for the future of your company. With a steady hand to guide a company, the modern CISO will lead the journey to resilience, adaptability, and new ways of conducting business in an era defined by edge computing.
The Emerging Cyber Threat Landscape
The recent rise of ransomware can be traced to WannaCry and (Not)Petya, which fused large-scale compromise techniques with an encryption payload that demanded a ransom payment in exchange for the decryption key. This fusion inspired a new generation of human-operated ransomware, vastly expanding the ransomware business model into an enterprise-scale operation that blends targeted attack techniques with the extortion business model, threatening disclosure of data and/or encryption in exchange for payment. Learn how this rise in ransomware is influencing cyber strategies that help strengthen your security posture.
1:45 – 2:15 PM
At the close of the CISO Summit, join Black Hat Advisory Board members Jeremiah Grossman, Allison Miller, Justine Bone, and Alex Stamos for an insightful conversation on the most pressing issues facing the InfoSec community. This Locknote will feature a candid discussion on the key takeaways from the CISO Summit and how these trends will impact future InfoSec strategies.
2:15 – 3:15 PM
Gurucul is a global cybersecurity company changing the way organizations protect their most valuable assets from insider and external threats, on-premises and in the cloud. Gurucul's real-time Unified Security and Risk Analytics Platform provides Analytics-Driven SIEM, UEBA, XDR, Risk-Driven SOAR, Identity Analytics, and Fraud Analytics.
HackerOne empowers the world to build a safer internet. As the world's most trusted hacker-powered security platform, HackerOne connects organizations to the largest community of hackers on the planet. Armed with the most robust database of vulnerability trends, hackers find and safely report security weaknesses across all attack surfaces.
Our managed solutions, with advanced security technologies and deep threat intelligence from AT&T Alien Labs and the Open Threat Exchange™, accelerate the response to cybersecurity threats. Our mission is to be your trusted advisor on your journey to network resiliency, making it safer to innovate.
CyberArk, the #1 provider of privileged access security, protects data, infrastructure and assets across the enterprise, in the cloud and throughout the DevOps pipeline. CyberArk delivers the most complete solution to reduce risk created by privileged credentials and secrets and is trusted by more than 50% of the Fortune 500.
SecurityScorecard is the global leader in cybersecurity ratings and the only service with over two million companies continuously rated. Our mission is to make the world a safer place by transforming the way companies understand, improve, and communicate cybersecurity risk to their boards, employees, and vendors.
Cybereason provides future-ready attack protection for defenders that unifies security from the endpoint to the enterprise, to everywhere the battle moves. The Cybereason Defense Platform combines top-rated detection and response (EDR and XDR), next-gen anti-virus (NGAV), and proactive threat hunting to deliver context-rich analysis of the entire Malop (malicious operation).