Toronto Chapter: The CIO’s Role in Reimagining Risk Management in Modern Software Development

Description

Cyberattacks continue to rise industry-wide, IBM’s Cost of a Data Breach research uncovered that organizations on average spend $4.92M USD for a breach involving compromised credentials, and the detection and containment of these breaches took the longest to identify and contain, at an average of 292 days.

IT teams have spent years managing human identities, but today digital or non-human identities (NHI’s) vastly outnumber human identities in most organizations. The exponential growth of cloud, microservices, API keys and IoT, now accelerated by AI and machine learning workloads, has vastly increased NHI’s. In fact, IBM’s research also uncovered that 97% of AI related data breaches lacked access controls, reinforcing how AI is greatly outpacing security and governance, placing organizations at risk creating vulnerability in Identity and Access (IAM) strategies. 

IT teams must now focus on DevSecOps integration as a strategic priority to align security with the rapid pace of software development and integrate security and compliance into every stage of software delivery. DevOps or platform engineering teams typically handle NHI’s and this separation leaves security and identity teams in the dark about their existence and security status. For threat teams, it is not a question of whether they will face an identity-related incident or breach but when. SIEM, SOAR, and XDR tools are essential tools for security operation center and threat teams but lack the capabilities to detect identity-specific threats.

In this discussion format session, we’ll explore the following: 

• Benefits of automating secrets management
• How organizations can centralize sensitive data and automate security workflows
• Review how observability and broader visibility into identity behaviour (human and non-human) is critical for threat detection and posture management.

Speaker: Jake Lundberg, Field Chief Technology Officer, HashiCorp an IBM Company

Jake's background is in operations with focus on systems and network administration as well as DevOps engineering.  He has extensive hands-on experience and leadership roles in the field.  He works closely with clients as a strategic partner to help them:

• Create efficient multi-cloud/hybrid infrastructures that are cost effective, secure, and compliant.
• Modernize application run-time environments with specific focus on scale and re-usability to help increase developer satisfaction by driving down release times while also maintaining high levels of availability, reliability, security and compliance.
• Align digital transformation goals with the processes and tools to achieve them.

Jake has worked with some of our largest strategic clients such as JPMC, Disney, American Express, ServiceNow, Twitter, Hulu, Starbucks, TJX, Riot Games and many more over the years.

Agenda

6:00 - 7:00pm – Arrival & Networking Reception

7:00 - 8:00pm – Presentation – Q & A

8:00 - 8:30pm – Networking

Hors d’oeuvres & Beverages to be served

Open to CIOCAN Members & their Qualified Non-Member Guests Only (CIO/CISO/Senior IT Executive)

Thank you to our sponsor!