Event Summary 6.29.2017

SecureXI – 11th Annual ISSA/ISACA Chicago Chapters Audit, Compliance & Security Conference and Networking Cruise

Chicago, IL

On June 22, 2017, Trexin participated in SecureXI – 11th Annual ISSA and ISACA Chicago Chapters Audit, Compliance & Security Conference and Networking Cruise off Navy Pier. ISSA/ISACA SecureXI included training sessions in the morning and an afternoon filled with an expert CISO panel and networking with some of the brightest folks in Chicago’s security circle.

The morning training focused on successful cloud migration, the dynamics of blockchain, protecting IoT, and an overview of the FBI’s Chinese counterintelligence areas of interest.  The sessions were very educational, and provided for insightful group discussions throughout the day.

The CISO panel was moderated by Arlan McMillan (CSO – Kirkland & Ellis), and included the following panelists:

  • Glenn Kapetansky – Chief Security Officer, Trexin Consulting
  • Waqas Akkwai – Global CISO, SIRVA Worldwide
  • Matthew Dechant – Director of Security & Information Security Officer, IDEO
  • Erik Hart – Chief Information Security Officer, Zebra

The panel exchanged thoughts on factors which dramatically impact an organization’s security program and maturity level. These items included:

  • Compliance Frameworks
    • There are many great options – how do you choose?
    • What’s the value of committing to a specific framework and ensuring adherence throughout the ranks?
  • Interconnectedness = Decrease in Safety
    • Your competitor across the street being an easier target is no longer a case for safety.
      • Because you are connected to neighbors, partners, and in some industries – collaborative competitors, their breach may become your breach.
  • Change in Assumptions
    • As security vulnerabilities evolve it is reasonable for all organizations to assume there will be a breach, and it may already be in progress.
  • Leveraging Audit – Friend or Foe?
    • Previously, audit teams have been viewed as a foe of sorts. Leveraging the audit team as a risk mitigation/remediation strategy is a step in the right direction. Changing this dynamic will change future outcomes.
  • InfoSec + Enterprise Risk Management
    • The value of alignment between the InfoSec and Enterprise Risk Management teams should not be minimized.

If you missed the panel and/or the entire event and would like to discuss expanded versions of the topics above, please contact Glenn Kapetansky to schedule a security briefing. For more information on Trexin’s security portfolio, please visit our capabilities site here.

Tagged in: Technology
Social Media Accounts