Why International CISOS Summit Why you should attend the International CISOS Summit

This exclusive CISO event creates a perfect environment for the exchange of ideas and establishing a professional network with other CISOs.

Buy Ticket

Cost to Attend: $200 USD

Includes:
- Access to all sessions
- Brunch and lunch 2 days (September 11 and 12)
- Welcome Cocktail (September 11)

01

Venue: Radisson Cartagena Ocean Pavillion Hotel

The hotel offers a suitable space to learn and interact with the invited experts and assistants. You will not need anything during your stay.

02

Networking

A well established network has become an important part of our personal and professional lives. Here, you have the opportunity to strengthen your network by meeting other peers and establishing new communication channels for the exchange of ideas.

03

Host City

Cartagena de Indias, with its wonderful nightlife, exuberant landscapes, and its beaches with its refreshing breeze and the warm waters of the Caribbean Sea, makes it one of the most popular destinations on the rise according to TRIPADVISOR.

04

Meet our Expert Speakers

Wendy Nather

Head, Advisory CISOs, Duo Sec (Now Cisco)

Dr. Andrea Little Limbago

Chief Social Scientist, Virtru

Pablo Breuer

Innovation Officer | Donovan Group | U.S. Special Operations Command

Elizabeth Wharton

VP, Strategy for Prevailion

Kai Roer

CEO, CLTRe

Emre Kulali

Vice President of Business Development - Acalvio Technologies

Victor Anda

Director – México & LATAM, Exabeam

Ricardo Guedes

Regional Sales Director for Latin America - Nozomi Networks

Mike Kiser

Strategist and Evangelist, Office of the CTO - SailPoint

Sebastian Brenner

Cybersecurity Strategist for Latin America and the Caribbean - Symantec

Lic. Antonio Sanchez, CISSP

Marketing Director, User and Data Protection – Forcepoint – Forcepoint

Stay current

Our expert speakers will provide insights that will help you protect your data and secure your business long term.

Schedule Details International CISOS Summit Agenda

Content focused on Information Security leadership and Strategy for securing the next generation of IT.

September 11

08:00 AM - 08:30 AM

Opening Ceremonies

Edgar Rojas

Welcome comments and innauguration

08:30 AM - 09:30 AM

Building Your Security Portfolio

Wendy Nather
Head, Advisory CISOs DuoSec (now Cisco)

With all the security technologies out there, how do you decide which ones are critical, and in which order do you bring them in? We'll use the Cyber Defense Matrix, created by the Chief Security Scientist at a large international bank, to look at ways to assess your portfolio, communicate it to your management, and even figure out how to trim what you don't need.

09:30 AM - 10:30 AM

Real-time Operational Visibility Solution and Cyber Security for Industrial Control Networks

Ricardo Guedes
Director Regional de Ventas para América Latina - Nozomi Networks

Approximately 70% of the cyber security professionals of companies that have industrial operations will need to develop skills and address the areas of automation until 2024. The "convergence" of information technology and automation technology "driven by the advent of Industry 4.0", addresses the increase in resilience and increases security requiremens of processes avoiding operational errors, sabotage, attacks and the proliferation of malware that can stop operations and provide essential services for society.

10:30 AM - 11:00 AM

Morning Break

Enjoy a nice cup of freshly brewed Colombian coffee; check your messages; interact with attendees, presenters, and sponsors.

11:00 AM - 12:00 PM

ALL 'cyber' WAR IS BASED ON DECEPTION

Emre Kulali Vice President of Business Development Acalvio Technologies

Three minutes. In general, front-line security operations analysts have three minutes to evaluate an alert on their front pane of glass and determine if it warrants further investigation or can be dismissed as "not impactful to the organization". Your analysts must be right every single time in order to prevent a breach that could cost millions of dollars, the adversary - they only need to be right one time. This session will illustrate:

  • How SOC / IR teams can utilize high-fidelity alerts such as those generated by Deception-based solutions.
  • Approaches strategies for design and deployment effective of Deception solutions
  • Power of correlation and data analytics to reduce the time it takes to answer basic triage questions on an alert.
  • How to develop actionable visualizations that improve the hunt for adversaries in your network.
  • 12:00 PM - 01:30 PM

    Lunch Break

    Lunch will be served at hotel's restaurant.

    01:30 PM - 02:30 PM

    Applying Information Security Paradigms to Misinformation Campaigns: A Multidisciplinary Approach

    Pablo Breuer
    Innovation Officer | Donovan Group | U.S. Special Operations Command

    A misinformation attack is the deliberate promotion of false, misleading, or mis-attributed information, often designed to change the beliefs of large numbers of people. Misinformation is an information security problem in part because information technology and the internet are how misinformation messages are generated, transmitted and received. Historically, large-scale misinformation (propaganda) has been the domain of nation-states, but the Internet has also enabled non-state actors to have effects formerly only available to nation-states. Additionally, the Internet has enabled nation-states to conduct influence campaigns in a new manner that is less attributable and can therefore be conducted without substantial risk of starting a war.

    Power-motivated misinformation has been studied as an information security problem, information operations problem, a form of conflict, a social problem and a news source pollution. Each of these studies uses a different framing and ontology; we cover the adaptation of existing information security frameworks and principles into a framework and common ontology for these communities to share information about misinformation campaigns incidents and conduct componentwise response to them. We also describe the links between information operations, artefact-based data science and narrative analysis of misinformation campaigns.

    02:30 PM - 03:30 PM

    Facts and fiction of security culture - The how and what to measure in order to actually improve

    Kai Roer
    CEO, CLTRe

    A journey through different ways of measuring security culture and awareness, how some of the metrics are useful, while others are a waste of resources. Learn what to measure, how to do it correctly, and how to use the results to improve the overall performance of your security culture program.

    03:30 PM - 04:00 PM

    Afternoon Break

    Enjoy a nice cup of freshly brewed Colombian coffee; check your messages; interact with attendees, presenters, and sponsors.

    04:00 PM - 05:00 PM

    Nexus of Security and Privacy

    Dr. Andrea Little Limbago
    Chief Social Scientist, Virtru

    Security and privacy have traditionally remained siloed. Security tends to focus on the technical implementation of protecting data and infrastructure, while privacy focuses on the legal and ethical considerations behind the storage, access, protection, and sharing of data. In many areas, this separation of the two is relevant and appropriate, but increasingly there is significant overlap in the area of unauthorized data access. A focus on this nexus can help streamline resources, strategies, and awareness to optimize both security and privacy. We'll discuss this growing overlap through real-world examples, detail the prevalence of and the various ways unauthorized data access impacts both security and privacy, and discuss how organizations can benefit by operating at the nexus of security and privacy to best handle the evolving compliance and threat landscapes.

    05:00 PM - 06:00 PM

    Welcome cocktail

    Join us during our cocktail hour to celebrate our first day. Enjoy some local delicacies and sounds of Cartagena

    Septiembre 12

    08:00 AM - 08:30 AM

    Start of Day 2

    Edgar Rojas

    Welcome to day 2 activities

    08:30 AM- 9:30 AM

    Applying Data Science to the Analysis of User and Entity Behavior for the Detection of Threats

    Victor Anda
    Director – México & LATAM, Exabeam

    The behavior analysis of users and entities (UEBA) has become a critical component of any Security Information and Event Management System (SIEM). UEBA monitors the behavior of every user and entity within the network; pointing out the unexpected behaviors that need to be investigated. UEBA applies Data Science to detect activities that, if traditional methods based on correlation rules and signatures are used, would be impossible or difficult to identify.

    09:30 AM - 10:30 AM

    Every Breath You Take: How to Make Your Identity Sing

    Mike Kiser, Strategist and Evangelist, Office of the CTO - Sailpoint

    Great music does not spring out of nothingness — in the hands of a talented producer, trivial melodies become emotionally powerful works of art. Identity plays a similar role in security — weaving disjointed tasks into a coherent whole. We'll learn from Sting and The Police as we explore how to make identity successful within an organization. Just as they overcame obstacles to create a musical masterpiece, we'll map out how to use the same tactics to break through implementation barriers as we protect key resources and create new business opportunities.

    As we examine their musical process, we'll see how to transform your identity program from isolated actions into a cohesive whole, using emerging technologies to build a new model for identity. This not only improves current identity governance efforts, but also allows us to see what will happen in the future: in short, we will take a musical journey that will show us the true power of predictive identity.

    10:30 AM - 11:00 AM

    Morning Break

    Enjoy a nice cup of freshly brewed Colombian coffee; check your messages; interact with attendees, presenters, and sponsors.

    11:00 AM - 12:00 PM

    Expert panel focusing on Security Awareness

    Smartfense

    Smartfense will be the moderator of this panel of experts where the topic is the importance of security awareness and how to implement a successful awareness program in your company is discussed.

    12:00 PM - 01:30 PM

    Lunch Break

    Lunch will be served at hotel's restaurant.

    01:30 PM - 02:30 PM

    Minimizing Supply Chain Risk

    Elizabeth Wharton
    VP, Strategy for Prevailion

    When every third-party and supply chain partner is an attack vector, maximizing threat visibility and resource utilization becomes key. Effective risk modeling for supply chain vulnerabilities enables internal security teams to focus on restoring systems rather than the breach blame game. Drawing on the City of Atlanta's 2018 ransomware incident and other local government breaches as a backdrop, this presentation will identify high-risk supply chain verticals and provide risk mitigation steps for internal planning processes.

    02:30 PM - 03:30 PM

    Cyber security as the protagonist of the digital transformation in the Cloud era

    Sebastian Brenner
    Cybersecurity Strategist for Latin America and the Caribbean - Symantec

    The weight of the expectation of customers, regulators, and the community in general on the organization's security posture has grown exponentially for all industries. In recent years, cyber attacks have cost millions of dollars, but the cost goes beyond what we can count in money. A single incident could jeopardize the most valuable asset: reputation and market confidence. However, it is not the responsibility of only a few. How can CISO raise awareness about risk management? How can employees and all areas take a proactive role in the fight against cyber crime and information leaks? What are the recommendations for cyber security to be a strategic tool for transformation and competitive advantage?

    03:30 PM - 04:00 PM

    Afternoon Break

    Enjoy a nice cup of freshly brewed Colombian coffee; check your messages; interact with attendees, presenters, and sponsors.

    04:00 PM - 05:00 PM

    Strengthening the security position with behavioral knowledge

    Lic. Antonio Sanchez, CISSP
    Marketing Director, User and Data Protection – Forcepoint

    Day by day cybersecurity professionals agree that people represent a great security challenge. Employees have access to intellectual property and critical systems to be productive in their jobs. The challenge for managers and professionals responsible for managing risk is to identify anomalous data and thus understand the context to reduce the risk of theft, fraud, and sabotage of internal agents "insider threats". Join us for a discussion of best practices and valuable contributions to reduce the risk of internal agents and move the organizational strategy to a more proactive security posture.

    05:00 PM - 05:30 PM

    Closing Ceremonies

    Cost to Attend: $200 USD

    Includes:
    - Access to all sessions
    - Brunch and lunch 2 days (September 11 and 12)
    - Welcome Cocktail (September 11)

    Get your Ticket

    Our Sponsors
    Very proud to count with the support of these industry leaders

    Our Partners
    Very proud to count with the support of important private organizations and government agencies

    How to Reach Radisson Hotel

    Radisson Cartagena Ocean Pavillion Hotel

    Carrera 9 #22-850, Cartagena, Bolivar Colombia

    Ticket Information

    Name: Edgar Rojas

    Cell: +1 931 2127683

    Email: erojas@tacticaledge.co

    Agenda Information

    Name: Edgar Rojas

    Cell: +1 931 2127683

    Email: erojas@tacticaledge.co

    September 11 and 12, 2019

    8 am to 6 pm

    Ticket Information

    Name: Edgar Rojas

    Cel: +1 931 2127683

    Email: erojas@tacticaledge.co

    Agenda Information

    Name: Edgar Rojas

    Cell: +1 931 2127683

    Email: erojas@tacticaledge.co