As businesses continue to embrace the cloud, technology continues to evolve and threats continue to become more sophisticated, the role of cybersecurity must change as well. That's the theme of Interop Digital's latest cybersecurity forum, coming up soon.
The digital cybersecurity event, called "Cybersecurity's Changing Role in IT: The Critical Next Steps in IT's Evolution – and How Cybersecurity Will Fit In," takes place on April 29. It offers talks, panels and fireside chats on a variety of topics, such as how to improve data security in the cloud and strengthen network security, as well as methods for connecting and harmonizing the activities of IT and security operations. In addition, attendees will have the opportunity to learn how to take advantage of next-generation application development strategies, artificial intelligence and machine learning.
The theme of this year's cybersecurity event is particularly relevant because of the events of the past year. "Many organizations had to recalibrate business functions following the onset of the COVID-19 pandemic, and IT played a critical role in supporting those changes. Nearly a year later, many organizations are still trying to understand what the new 'norm' means," said Fred Kwong, Ph.D., CISO & AVP Security, Identity and Operations at Delta Dental Plans Association. "Now is the opportune time for the IT community to discuss lessons learned and pathways forward to support the new hybrid workforce."
Elena Kvochko, chief trust officer at SAP, will give the keynote address, "Baking Cybersecurity into Enterprise IT." Attendees will learn more about the changing security environment, how to build trusted ecosystems and how organizations can navigate the new ecosystem. The goal, she said, is for attendees to be able to compare experiences, draw valuable lessons and get actionable feedback that they can apply to further improve internal processes and technology management approaches. "I hope they will get inspired by the new and effective ideas of how to protect complex systems in the dynamic times and pass that knowledge to their organizations," she added.
Kwong, along with Eric Brown, senior manager of enterprise identity and access management at SAIC, and David Levine, vice president of corporate and information security and chief security officer at Ricoh USA, will be discussing the future of authentication. As organizations continue to extend their footprint outside of the traditional data center, authentication is an essential control against nefarious actors. Kwong will explain the importance of designing a positive user experience to ensure adoption of all authentication technologies. He will also talk about how areas that were once considered "soft" requirements should now be "hard" requirements when implementing authentication technologies.
In addition, "We'll be discussing how securing identities with technology while balancing a simplified user experience is critical to maintaining productivity and can be facilitated with the right technologies," Brown said. He also will talk about the lessons SAIC learned as the company accelerated its plans to move to a remote workforce, including ones related to the enhancement of its multifactor authentication platform for remote employees.
AI and Security
A panel on the implications of AI and machine learning on enterprise security will help organizations understand how to best secure the ongoing operations of AI and ML, how they can use these advances to improve enterprise security – and how the bad guys might use these emerging technologies against them.
One panel member will be Diana Kelley, CTO at SecurityCurve, who will discuss the importance of looking through two different lenses to see the potential impact of AI and ML on enterprise security. The first is how ML and AI can be used in security products to improve a company's cybersecurity posture. The second is addressing potential security risks to enterprises adopting insecure AI and ML, which can include intentional and unintentional failure modes, along with misuse cases like poisoned data models, biased or incomplete data sets, and data leakage.
"Many people think of ML/AI as 'magic,' but it's math," she said. "I hope this panel helps attendees to feel empowered about their approach to adopting and using AI/ML technology securely at their organizations."
Other panels and fireside chat topics at the digital cybersecurity event include unmanaged devices, network security, network visibility and control, building security into the enterprise application development process, DevOps, and automating threat detection and response with SecOps intelligence.
Brown said he hopes attendees come away from the event feeling more comfortable with the work-from-anywhere workforce and more confident that they can address the challenges that can arise with a dynamically dispersed workforce. "More generally, event attendees should leave the conference with the sense that – now more than ever – cybersecurity is taking the leading role in the implementation of a permanent remote workforce methodology and in the way organizations interact with the outside world," he added.
For IT professionals working on a CISSP certification, the conference has teamed with (ISC)² to provide credits for Interop. IT professionals will earn one credit per one hour of security-themed sessions attended, with a maximum of eight per day.