CISO Institute: USA

Adriano Koshiyama, Co-founder and Co-CEO
Holistic AI.

This Boardroom discussion delves into the critical realm of securing Application Programming Interfaces (APIs), which are pivotal in modern digital interactions and data exchange. The topic begins by highlighting the importance of APIs in contemporary technology ecosystems and the consequent rise in security threats they face. It addresses how APIs, being gateways to sensitive data and services, are increasingly targeted by cyberattacks, making robust security measures essential. The piece then transitions into an exploration of current best practices and challenges in API security. It discusses strategies like implementing robust authentication and authorization protocols, such as OAuth and OpenID Connect, to ensure that only legitimate users and services can access the API. Encryption of data in transit and at rest is emphasized, alongside the importance of rigorous input validation to prevent common attacks such as SQL injection and cross-site scripting (XSS).

John McDonough, Sr. Cloud Devops Engineer at Fortinet at Fortinet

Artificial Intelligence and machine learning have been integrated discretely into individual components across the security practice. The challenge of bringing tools into a framework that improves SOC efficiency and provides human scale remains elusive. Complications center on bringing multi-provider and multi-vendor ecosystems into harmony across security workflows, recruiting multiple organizational roles as security contributors, and managing the practice with scarce resources in people and skills. Artificial intelligence and machine learning provide a path to solve for these challenges, drives down risk, and allow security practitioners to focus on evolved threat hunting activities.

In the digital age, ethical considerations are paramount. This topic covers the ethical use of technology, particularly AI and big data, the implications of digital decisions on privacy and society, and strategies for developing ethical guidelines and policies

Choose your lunch table based on your preferred discussion topic

• Security,
• AI,
• Digital Transformation,
• Leadership and talent development,
• Data Strategy.

Embrace your role as a Data Guardian, protecting the realm of enterprise data from chaos. We'll discuss strategies for robust data governance, ensuring compliance, security, and integrity in a world brimming with data threats. Data governance is crucial in today’s data-driven landscape. This topic covers the development and implementation of policies and procedures that govern data access, quality, and security. It also addresses compliance with evolving regulations, the role of data governance in strategic decision-making, and how proper data management can be a competitive advantage.

In today's interconnected business ecosystem, organizations increasingly rely on third-party vendors and partners to deliver essential services and products. This dependence, while beneficial for business growth and operational efficiency, introduces a myriad of risks that can threaten data security, compliance, and overall business continuity. "This session delves into the complexities of third-party risk management (TPRM), providing readers with a comprehensive guide to identifying, assessing, and mitigating risks associated with external entities.

Quantum computing presents both opportunities and challenges in cybersecurity. This topic explores the potential impact of quantum computing on current encryption methods, the race for quantum-resistant cryptography, and the need for organizations to start preparing for a post-quantum world. Discussions also cover understanding the timeline of quantum development and proactive strategies for ensuring long-term cryptographic security.