Dutch Schwartz –

Cloud Security Strategist at Amazon Web Services

Dutch Schwartz has 25 years of experience in technology from startups to five Fortune 500 companies. He’s recognized as a thought leader in cybersecurity and his LinkedIN content had over 130k views in 2020. A sought-after speaker, he’s a frequent panelist and podcast guest on topics including the benefits of cloud security, how to create a culture of security, and how to break into cybersecurity. Having worked with more than 50 CISOs of Fortune 500 companies to create cybersecurity solutions, he understands the evolution of CISO responsibilities and the challenges which security teams face. Dutch holds a Master’s of Business Administration in Global Management and was a strategy and planning officer in the US Army. He melds his formal training with his practical experience in cybersecurity to develop cloud security strategies for customers of Amazon Web Services.

Jason Albuquerque –

CIO & CSO at Carousel Industries

Matt Alderman –

Executive Director at CyberRisk Alliance

Paul Asadoorian –

Founder at Security Weekly

Jason Albuquerque –

CIO & CSO at Carousel Industries

Matt Alderman –

Executive Director at CyberRisk Alliance

1. Are businesses underinvesting in cybersecurity? – Even as cybersecurity trends and attack vectors have changed, many organizations continue to rely on — and invest in — the same tools and systems they’ve used for years. While companies may look to increase their cybersecurity budgets, they are actually underinvesting in the solutions needed to meet today’s threat landscape.
2. Security needs to be embedded in every stage of the business cycle – Vishal Salvi, chief information security officer (CISO) and Head, Cyber Security Practice, Infosys, tells Sudhir Chowdhary that more than technology itself, nurturing a culture that recognises cybersecurity as top priority is critical to establishing digital trust and resiliency in these evolving times.
3. 4 tips to help CISOs get more C-suite cybersecurity buy-in – Even though cybersecurity is becoming more prominent in the boardroom, many CISOs continue to struggle with executive buy-in and comprehension — some board members often have differing perspectives on what cybersecurity is about and its relation to privacy, data protection and regulatory risk. How do you position your cybersecurity strategy and program with the board?

   1. Tell a cohesive story and narrative around cybersecurity
   2. Focus on existential security risks first
   3. Lead with CARE: Are security controls consistent, adequate, reasonable and effective?
   4. Connect the dots between security initiatives and business outcomes.

4. Cybersecurity 2021: Asking the Right Question – Security Boulevard – No one is spending time to ask the right question. While a security analyst is busy deciphering 600-page reports and a CISO negotiates an increase in the year’s cybersecurity budget, the board only wants to know if their organization is secure.

   What question should we be asking? “How likely are you to get hacked, today?” And the answer to that is based on two other unanswered questions:

   1. How current, or real-time is your information?
   2. Are you quantifying your cyber risk?

5. The view from the top: IT spending could get better – Out of the 100 CIOs surveyed, 41 expect to increase their 2021 budgets compared to 2020. An additional 40 have a smaller budget this year, but 33 of those 40 said that they plan to revise their budgets if the economy improves by the end of the 2021.

   Security remains a top enterprise priority in 2021 and cloud conversions, whether pandemic driven or not, are also driving spending.

6. New CISO Priorities of 2021 – Security Boulevard – Drastic shifts to the way we work will continue in 2021 as CISO priorities continue to adapt in this new work-from-home era; we have seen a drastic shift in direction amongst security professionals. Here are the latest trends:

   1. Protecting Assets with Least Privilege
   2. Shifting Identity Management
   3. Integrating DevSecOps
   4. Continuous Auditing and Reporting
   5. Moving to Proactive vs. Reactive
   6. Staying Vigilant and Continuing Education

Paul Asadoorian –

Founder at Security Weekly