Agenda - September 24
11:00AM - To Blow or Not to Blow: A CISO's Shakespearean Dilemma in Navigating Ethical Challenges in Cybersecurity
In the ever-evolving landscape of cybersecurity, Chief Information Security Officers (CISOs) often find themselves at the crossroads of protecting their organization's interests, upholding ethical standards, and adhering to regulatory requirements. This presentation explores the complex role of the CISO.
Dd Budiharto
President & CEO
Cyber Point Advisory
1:45PM - Unlocking Success: Navigating Your CMMC Level 2 Certification with Expert Tips from an Authorized C3
From the perspective of a CMMC Certified Assessor (CCA) affiliated with an authorized CMMC Third-Party Assessment Organization (C3PAO), this presentation is based on firsthand experience, having successfully compiled the necessary documentation and passed the rigorous U.S. Department of Defense’s DIBCAC High Confidence assessment.
This presentation aims to demystify the assessment process, highlight key focus areas for assessors, and outline the essential preparatory steps for achieving a CMMC Level 2 Certification Assessment. Topics will include the scoping process, understanding control inheritance, and setting realistic expectations for involvement and documentation from managed service providers (MSPs) and cloud service providers (CSPs).
Additionally, the presenter will share an essential objective evidence list designed to guide DIB contractors on what assessors expect regarding documentation and assessment activities. Attendees will leave with a solid understanding of the CMMC Level 2 certification assessment process, insights into assessor expectations, and resources to streamline their preparation for CMMC compliance.
Kyle Lai
President & CISO
KLC Consulting, Inc.
3:15PM - Vulnerability Management: Pushing Left to Action the “Right” Way!!!
Vulnerability Management has become an important business-critical function to help companies better understand their risk exposure across a vast landscape of attack vectors while managing vulnerabilities from their birth to their final remediation.
Oftentimes, vulnerability management programs have difficulty identifying assets and detecting and managing vulnerabilities. The root cause is a lack of understanding of the direct and adjacent dependencies across the company’s ecosystem; because those dependencies are not well defined, people, process, and technology cannot be orchestrated to govern the vulnerability management life cycle across traditional IT towers.
The lack of well-defined vulnerability management relationships across traditional and siloed IT towers often creates an unmanageable backlog of vulnerabilities due to missing asset ownership identification, which ultimately hinders remediation assignment and final resolution.
To deal with this challenge, the NIST Cyber Security Framework (CSF) can be used to push companies left and to action the “right” way: “Identify” assets, “Detect” their vulnerabilities, “Protect” by prioritizing risk using weaponized intelligence and asset attributes, “Respond” by using that foundation to create high-fidelity remediation campaigns, and “Recover” through governance and oversight for continual improvement.
The “Identify”, “Detect”, and “Protect” functions can be shifted to the left to concentrate on proactive activities of device activation and asset normalization, stopping the bleeding of unknown assets being built from outdated images while changing the culture so that every asset is identified with its network location, asset criticality, and system ownership. The “Detect” function can be used to interrogate the company’s digital ecosystem to understand its technology stacks (e.g., IT, OT, IoT & IoE) and their system components (e.g., operating system, application, database, and more), and so to determine which scan platforms and modules are required to detect those components across the stacks. Additional focus can be placed on the “Protect” function to move from a traditional severity-based (e.g., CVSS) prioritization methodology to a risk-based approach that combines weaponized intelligence, network location, and asset criticality to decide which vulnerabilities should be remediated first.
The reactive NIST functions of “Respond” and “Recover” can be integrated with orchestration to assign urgent vulnerability ticket campaigns to attach accountability to downstream remediation teams that allows for the tracking and trending of key risk (i.e., urgent weaponized vulnerabilities) and key performance (i.e., mean time to remediate) indicators. Capitalizing on this layer of accountability, “Governance” can perform oversight to provide focus and assistance by improving process and procedures to align with resources and technology.
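One way to turn the risk-based prioritization, per-owner ticket campaigns, and KRI/KPI tracking described above into code, added here as an illustration (not material from the talk or from IBM). The weights, the urgent threshold, the asset names, the `V-n` vulnerability ids and the dates are all assumed or constructed.

```python
from dataclasses import dataclass
from datetime import date
from statistics import mean
from typing import Optional
# Weights and threshold are assumptions for illustration, not values from the talk.
LOCATION_WEIGHT = {"internet-facing": 1.0, "dmz": 0.8, "internal": 0.5, "isolated": 0.2}
CRITICALITY_WEIGHT = {"critical": 1.0, "high": 0.8, "medium": 0.5, "low": 0.2}
WEAPONIZED_MULTIPLIER = 2.0  # weaponized intelligence: exploit public or in active use
URGENT_THRESHOLD = 8.0       # risk score at/above which a finding gets an urgent ticket

@dataclass
class Finding:
    asset: str
    vuln_id: str             # constructed placeholder ids below, not real CVEs
    cvss: float              # severity only, the traditional sort key
    weaponized: bool
    location: str            # network location attribute
    criticality: str         # asset criticality attribute
    owner: Optional[str]     # system owner; None = missing ownership
    opened: date
    closed: Optional[date] = None

def risk_score(f: Finding) -> float:
    """Severity x network exposure x asset criticality x weaponization."""
    weap = WEAPONIZED_MULTIPLIER if f.weaponized else 1.0
    return round(f.cvss * LOCATION_WEIGHT[f.location] * CRITICALITY_WEIGHT[f.criticality] * weap, 2)

def prioritize(findings):
    """Open findings, highest risk first; compare with sorting by CVSS alone."""
    return sorted((f for f in findings if f.closed is None), key=risk_score, reverse=True)

def campaigns(findings):
    """Per-owner urgent ticket campaigns; the UNASSIGNED bucket is itself a key risk indicator."""
    groups = {}
    for f in prioritize(findings):
        if risk_score(f) >= URGENT_THRESHOLD:
            groups.setdefault(f.owner or "UNASSIGNED", []).append(f.vuln_id)
    return groups

def mttr_days(findings):
    """Key performance indicator: mean time to remediate, in days, over closed findings."""
    durations = [(f.closed - f.opened).days for f in findings if f.closed]
    return mean(durations) if durations else None

# Constructed sample inventory (asset names, ids and dates are made up).
SAMPLE = [
    Finding("lab-vm-01", "V-1", 9.8, False, "isolated", "low", "lab-team", date(2024, 9, 1)),
    Finding("web-edge-02", "V-2", 7.5, True, "internet-facing", "critical", "web-team", date(2024, 9, 3)),
    Finding("hr-app-07", "V-3", 6.5, True, "dmz", "high", None, date(2024, 9, 5)),
    Finding("dmz-proxy-03", "V-4", 8.1, False, "dmz", "medium", "net-team", date(2024, 9, 1), date(2024, 9, 11)),
]
```

Sorting `SAMPLE` by CVSS alone would put the isolated lab VM first; the risk score instead puts the weaponized, internet-facing critical asset first and surfaces the unowned finding as an ownership gap.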
Johnny Shaieb
Chief Architect, Vulnerability Management
IBM
4:15PM - Advice to CISOs: Competencies for a New Age
This is not an easy or relaxing time for CISOs and cybersecurity professionals. Regulatory entities are demanding more disclosure on organizations’ programs externally and holding not only companies, but CISOs individually, responsible that it matches what’s going on internally. Attacks occur every 11 seconds, technology is exploding and the attackers’ advantage is growing. Still, if you are in the right place, there’s never been a more important time to commit to your organization. That means defining the competencies needed for the role (current and future state), honestly assessing yourself and developing around the gaps – just as your team is expected to do. Al Lindseth has been solving Board-level issues, wearing multiple hats including Risk Officer, CIO and CISO at a Fortune 100 company, and presenting/collaborating/advising on the role for decades. The goal of Al’s talk is to provide guidance in development in three key areas that represent important and newer competencies for the modern CISO: being a more strategic risk manager, being more innovative and being a true change agent.
Al Lindseth
Principal
CI5O
Agenda - September 25
10:00AM - Beyond Checklists: How Systems Auditors Drive Organizational Value
Stephen approaches this topic with a focus on the evolving role of systems auditors, emphasizing their strategic value in today's complex business environment. He emphasizes moving beyond the traditional compliance-focused perspective, highlighting how auditors proactively identify and mitigate risks, optimize processes, and help ensure financial integrity. Stephen also delves into the increasing importance of auditors in cybersecurity, showcasing their role in safeguarding sensitive data, protecting against cyber threats, and improving controls.
Stephen Alexander
Security Consultant
Trace3
11:00AM - CISO Panel - Navigating the CISO Evolution: Embracing AI, Enhancing Cyber Resiliency, Ushering the Next Cyber Leaders, Strategic Budgeting Amidst Regulatory Changes, and Current Events
The CISO panel at HOU.SEC.CON 2024 will explore the rapidly evolving role of the Chief Information Security Officer in today's complex cybersecurity landscape. The discussion will cover key topics such as the integration of AI in security frameworks, strategies for enhancing cyber resiliency, and the challenges of managing cybersecurity budgets amid new SEC regulations. Panelists will also address current events impacting the industry, providing insights into how CISOs can navigate these challenges while maintaining robust security postures. Additional topics will include ushering in the next generation of cyber leaders, what comes next for the accomplished CISO, and other hot topics. This session promises to be a deep dive into the critical issues shaping the future of the cybersecurity profession and its leaders.
Dd Budiharto
President & CEO
Cyber Point Advisory
Alfred Lindseth
Principal
CI5O
Mary Dickerson
Associate Vice President & Chief Information Security Officer
UTHealth
Mario Chiock
Security & Technology Executive Advisor
Marc Crudgington
VP of IT Infrastructure and Cybersecurity
Crane Worldwide Logistics
Anne Rogers
Principal Consultant
PMTech-Pro, LLC
1:00PM - Optimize Threat Detection, Response, and Remediation with CTEM
Understand how Continuous Threat Exposure Management (CTEM) can elevate the effectiveness of Detection and Response strategies. By integrating CTEM into security operations, mean-time-to-detect (MTTD), mean-time-to-respond (MTTR), and mean-time-to-remediate (MTTM) will be drastically reduced, leading to a more proactive and resilient cybersecurity posture.
• Proactive Threat Management: Continuously identify and mitigate vulnerabilities across detection and response tools, reducing MTTD, reducing threat debt and thereby stopping threats before they impact organizations.
• Accelerated Response: Decrease MTTR by enabling faster, more coordinated responses across all detection and response platforms, ensuring swift threat containment.
• Efficient Remediation: Streamline the remediation process, significantly lowering MTTM and enabling quick recovery from incidents to maintain business continuity.
• Enhanced Operational Efficiency: Leverage real-time insights and proactive measures to optimize detection and response capabilities, minimizing downtime and reducing the overall impact of security incidents.
By incorporating CTEM into cybersecurity strategies, detection and response tools and strategy operate at peak efficiency, providing continuous protection and positioning organizations as leaders in cybersecurity resilience.
Anand Choudha
CEO
Hive Pro
2:00PM - AI & the Boardroom
Today, AI is no longer a futuristic concept but a tool that is driving operational efficiency, customer experience, and decision-making processes. Organizations are observing its transformative power firsthand across various industries and organizational aspects. Its applications are vast and varied, from predictive analytics to automation to quickly generating content for marketing and communications. AI enhances threat detection and response in cybersecurity by identifying patterns and anomalies that human analysts cannot find in real time.
James McQuiggan
Security Awareness Advocate
KnowBe4
3:00PM - Texas New Privacy Law, and How to Comply
This talk will focus on how smaller companies can comply. It will go into some detail on the various policies needed, on the privacy policy itself, and on how to comply with the DPA portion of the law.
Harvey Nusz
Executive Privacy Advisory
Data Protection Officer