Des Moines, IA

In a 2021 survey of CIOs, respondents cited limited resources, new or changing regulations and tracking and maintaining compliance as the top three challenges keeping them up at night. With teams stretched thin trying to keep up with compliance requirements and growing numbers of threats and stakeholder demands, manual processes can no longer keep up.

Automation is a strong first step in reducing manual work and freeing up your team’s workload.  However, it is insufficient if it doesn’t help your InfoSec leaders clearly communicate the risk associated with the organization’s business priorities so they can make informed, data-driven investment decisions.

The ability to focus on strategic business priorities helps optimize the talents of small InfoSec teams. When you automate the more tactical and routine work, a more reliable and comprehensive approach to GRC is created while optimizing your teams’ talent by freeing them from manual work.

Join us as we discuss how taking a strategic approach to risk management combined with automation can ensure that businesses stay ahead of the threats they face every day.

Attend this webinar and learn how to:

• Focus your planning efforts around your organization’s strategic business priorities
• Be more proactive by automating evidence collection, risk scoring and monitoring
• Gain actionable insights to help you clearly communicate with key stakeholders

This learning session is designed to help organizations understand the security problems within APIs. With APIs being the connective tissue of digital transformation, many incorrectly assume that traditional security products are enough. The reality is that most organizations have an API blind spot and have no visibility into how many they use. Ultimately, you cannot protect what you cannot see.

Bad actors have recognized the power of open source and are now beginning to create their own attack opportunities. This new form of assault, where OSS project credentials are compromised and malicious code is intentionally injected into open source libraries, allows hackers to poison the well.  In this session, Sonatype will explain how both security and developers must work together to stop this trend. Or, risk losing the entire open source ecosystem.

• Analyze, and detail, the events leading to today’s “all-out” attack on the OSS industry
• Define what the future of open source looks like in today’s new normal
• Outline how developers can step into the role of security, to protect themselves, and the millions of people depending on them

As the lines between nation-state sponsored and financially motivated cybercrime attacks continue to blur, and as government officials around the world warn businesses to prepare for cyberattacks stemming from geopolitical conflicts, Defend Forward seeks to empower organizations with the proactive strategies and bias for action they need to confront motivated adversaries.  This session will arm organizations with the concepts key to not only defending themselves from cyberattacks, but essential in deterring them as much as possible.

Data protection, security maturity and regulatory compliance go hand in hand. A variety of initiatives can help teams align to best practices while building on their security maturity. Knowing what types of data you have, who has access to it and how it’s used provides data-driven evidence that better supports decision making and demonstrates to stakeholders and auditors that you’re taking appropriate steps to protect your business’s sensitive data – and the privacy of your customers.

This session will review:

• Identifying a Critical Path through security frameworks like the NIST Cybersecurity Maturity Model
• Understanding the evolution of Data Complexity
• Leveraging core security initiatives to achieve greater security maturity, whether you’re getting started establishing your baseline or scaling your strategy