A SecurityWeek Event

A VIRTUAL EVENT FOR 2022

An Exclusive Executive Forum Focused on
Information Security Leadership and Strategy

September 13-14, 2022

2021 CISO Forum Presented by

https://www.cisoforum.com/wp-content/uploads/2021/08/Cisco-Secure-Logo.png

2021 Diamond Sponsors

https://www.cisoforum.com/wp-content/uploads/2021/08/Synack_Logo-300x76-1.jpeg
https://www.cisoforum.com/wp-content/uploads/2020/09/Palo_Alto-Networks-logo.png

2021 Platinum Sponsors

https://www.cisoforum.com/wp-content/uploads/2021/08/Okta_logo.png
https://www.cisoforum.com/wp-content/uploads/2021/08/Recorded_Future-Logo-wide.png
https://www.cisoforum.com/wp-content/uploads/2021/08/Beyond_Identity-logo-320x144.png

2021 Gold Sponsors

https://www.cisoforum.com/wp-content/uploads/2021/08/Proofpoint-Logo.png
https://www.cisoforum.com/wp-content/uploads/2021/08/Eclypsium_logo.png
https://www.cisoforum.com/wp-content/uploads/2021/08/synopsys_logo.png
https://www.cisoforum.com/wp-content/uploads/2021/08/Corel_logo.png
https://www.cisoforum.com/wp-content/uploads/2021/08/Abnormal-Security.png
https://www.cisoforum.com/wp-content/uploads/2021/08/Cymulate_Logo.jpg
https://www.cisoforum.com/wp-content/uploads/2021/08/ReversingLabs_logo.png

Silver Sponsors

https://www.cisoforum.com/wp-content/uploads/2021/08/VirusTotal.png

2021 CISO Forum

SecurityWeek’s CISO Forum takes place annually at the beautiful Ritz-Carlton, Half Moon Bay, which has served as the venue of the forum since 2014.

Given the global situation resulting from the COVID-19 pandemic, SecurityWeek’s 2021 CISO Forum, Presented by Cisco, will take place virtually. Through a cutting-edge platform, attendees will be able to interact with speakers and sponsors, and visit networking lounges, specific zones & sponsor booths.

This  event is designed for security leaders to discuss, share and learn information security strategies. (Register)

Visit Here for the Latest Event Updates for the Virtual Edition

An Exclusive Executive Forum Focused on Cybersecurity Leadership and Strategy

September 14-15, 2021
Virtual Event – View Event Website

Throughout this two-day virtual event, sessions will have a strong focus on participation from CISOs in panel discussions along with talks from industry experts, analysts and other end users, and thought leadership, strategy and technical sessions.

Topics Include:

  • Fireside Chat: Adrian Stone: VP, CISO at Peloton
  • Winning Hearts and Minds on the Board
  • Designing and Architecting Security for a Hybrid World
  • CISO Panel: Navigating SBOMs and Supply Chain Security Transparency
  • Panel: CISO’s Guide to Building a Security Dream Team
  • Panel: The Top 5 Priorities of the Modern CISO
  • Defenders Playbook for Attack Simulation and Security Posture Validation
  • Virtual Expo and Networking
  • Identity-Focused Security for Your Zero Trust Journey
  • Winning Hearts and Minds on the Board
  • Securing Our Cloud Environment Against Hackers
  • Key Insights to Prevent Never-Before-Seen Cyber Attacks
  • SASE Industry Trends
  • Measuring Security and Building Trust with Leadership: Enabling Transformation Through Testing
  • How DevOps Can Make AppSec Testing Seamless
  • Addressing Sophisticated Supply Chain Attacks Head On with No Source Code Required
  • Much more! – Add to Calendar

Through a cutting-edge platform, attendees will be able to interact with speakers and sponsors, and visit networking lounges, subject-specific discussion areas, and sponsor booths in a virtual expo hall.

Adrian Stone

Adrian Stone

Peloton
VP, CISO

Anne Marie Zettlemoyer

Anne Marie Zettlemoyer

Mastercard
VP, Security Engineering

Caleb Sima

Caleb Sima

Robinhood
CISO

Allan Friedman

Allan Friedman (Invited)

Cybersecurity and Infrastructure Security Agency (CISA)
SBOM Champion

Summer Craze Fowler

Summer Craze Fowler

Argo AI
CISO/CIO

Fredrick Lee

Fredrick ‘Flee’ Lee

Gusto
Chief Security Officer

Shaila Shankar

Shaila Shankar

Cisco
SVP and General Manager of Cisco Cloud Network and Security

Jonathan Jaffe

Jonathan Jaffe

Lemonade
CISO

Aanchal Gupta

Aanchal Gupta

Microsoft
VP, Azure Security

Lena Smart

Lena Smart

MongoDB
CISO

Sounil Yu

Sounil Yu

JupiterOne
CISO

Theresa Payton

Theresa Payton

Former White House CIO
Star of CBS TV series, “Hunted”, and Leading Cybersecurity Expert

https://www.cisoforum.com/wp-content/uploads/2015/12/halfmoonbay.jpeg

HALF MOON BAY, CA

Ritz-Carlton

September 24-26, 2019

Address

1 Miramontes Point Rd, Half Moon Bay, CA 94019

Phone

+ 1 (650) 712-7000

Why AI Raises Your Risk of Cybercrime – And What to do About It

11/08/2018 0

The robots are coming. It has become conventional wisdom that artificial intelligence (AI) and machine learning (ML) will increasingly determine our lives going into the future. By 2020, according to an estimate from Capterra, about 85% of customer-business interactions will take place with AI, without a human involved. 47% of organizations with advanced digital practices have a defined AI strategy, based on data from Adobe. But for IT and security executives and professionals who must protect against cybercrime, AI poses both a promise and threat.

The industry is looking toward the promise of AI tools to stay a step ahead of the cybercriminals. Experian’s 2018 annual Data Breach Preparedness Study found just 31% of respondents were confident in their organization’s ability to recognize and minimize spear phishing incidents, and just 21% were confident in their organization’s ability to deal with ransomware. Malware and cyberattacks evolve over time. ML uses data from previous cyberattacks, leveraging what it knows and understands about past attacks and menaces to identify and respond to newer, similar risks. The thinking also goes that AI and ML will help save time for overburdened IT departments.

The threat comes from the bad guys also employing AI to create more sophisticated attacks, enhancing traditional hacking techniques like phishing scams or malware attacks. For example, cybercriminals could use AI and ML to make fake e-mails look authentic and deploy them faster than ever before. Criminals could apply AI to develop mutating malware that changes its structure to avoid detection. AI could scrub social media for personal data to use in phishing cons. Data poisoning is another danger, in which attackers find out how an algorithm is set up, then introduce false data that misleads on which content or traffic is legitimate and which is not.

A lesser threat comes from within the industry, as companies rush to market with so-called AI cyber security tools. There is a difference between AI and machine learning. ML algorithms train on large data sets to “learn” what to look for on networks and how to respond to various scenarios. Generally, ML needs new training data to calculate and reach new conclusions, while a true AI system does not.
Some products are based on “supervised learning,” requiring the data sets that algorithms are trained on to be chosen and labeled, by tagging malware code and clean code, for example. Some vendors are using training information that hasn’t been thoroughly scrubbed of erroneous data points, which means the algorithm won’t catch all attacks. Hackers could switch tags so that some malware is designated as clean code, or simply figure out the code the ML is using to flag malware and delete it from their own, so the algorithm doesn’t detect it.

Given the fast-changing landscape, here are some tips to realize the enormous potential of AL and ML and still protect your organization.

Resist the hype. AL and ML are the hot buzzwords and technologies of the moment. But there’s also a great deal of confusion. According to ESG Research, just 30% of cybersecurity professionals feel they are very knowledgeable about AI and ML and their application to cybersecurity analytics. When purchasing an AI or ML tool, try to do your research and understand what you’re buying so that it’s an effective and appropriate solution for your organization.

Keep a human involved in the process. There used to be an old IT truism of bad data in, bad data out. The “intelligence” in AI is based on data inferences and correlations, which need to be checked and monitored so the model is addressing risks appropriately and evolving as you need. ML systems shouldn’t be totally autonomous. They should be set up with a human in the loop, and the ML should know to ask for help with presented with an unfamiliar situation.

Have a strong data breach plan. According to Experian’s Data Breach Preparedness Study, 88% of organizations have a data breach response plan in place, but less than half (49%) think it is effective or highly effective. If you have a plan, it shouldn’t just sit on a shelf. Make sure that it is robust, with buy-in from all the key departments of your company, and drill on it early and often. If you need to get started on a plan or refine it, Experian’s updated Data Breach Response Guide can serve as a resource.

AI and ML are the wave of the future. But the cyber threats are real now, and so are the limitations of the technology as a foolproof protection tool. Be aware, both of what’s ahead from the cybercriminals and how you’re applying AI solutions, so you’re not lulled into a false sense of security.

 

About the Author: Michael Bruemmer, Experian Michael Bruemmer is Vice President of Experian Data Breach Resolution, which helps businesses mitigate consumer risk following data breach incidents.


Leave a Reply

Your email address will not be published. Required fields are marked *


Subscribe for Event News