Chris Wilkinson, director at BSS
The team and I recently travelled to Barcelona to attend the 7th CISO 360 Congress hosted by Pulse conferences, which was engaging and thought provoking as always. The theme was Driving Resilience and Trust: Cybersecurity Value Creation Tactics and Strategies for CISOs and it was very well attended by CISOs and security experts from around the globe.
It was invaluable to listen and learn from international cybersecurity leaders on what’s driving their businesses forward, how they are adapting to the changing threat and talent landscape, what’s most keeping them up at night, and their plans for the future. It’s an exciting time for CISOs to expand their contribution to strategic decision-making.
Top CISO insights from day one
The first day was packed full of excellent sessions, all delivered brilliantly by some very inspiring speakers. For me, one of the highlights was Monika Atanasova’s talk on The Use of Automation within Third Party Risk Management. Monika, who is the Global Head of Cyber Third Party Risk Management at Raiffeisen Gruppe, spoke about the benefits of having a baseline of information about your supply chain and moving from traditional attestation base assessments to a more modern approach.
Another standout session was Survival: Don’t Let the Role Get you Down! by James Frampton, Head of IT Risk, Security & Control at MUFG Securities in EMEA. James’ talk was hugely engaging, as the title may suggest, describing very relatable and practical approaches for CISOs. However, what I found especially impressive about his topic was that the scenarios and techniques he described could easily be translated to anyone in a business-facing security or technology role. Wellbeing has to be a priority too in the demanding role of a CISO!
My final takeaway from day one was CISO and Head of Research at Jupiter One, Sounil Yu’s, think tank seminar on large language models (LLMs) and how they can be leveraged to improve cybersecurity, cutting through the noise that has been generated so prolifically around platforms such as Bard and ChatGPT. As with everything Sounil does, this session was delivered with a fantastic sense of energy, providing some very thought-provoking discussions among attendees.
This was topped off by a sunny, if not a little choppy, catamaran reception and a delicious dinner at the local Bestial Beach Club, where yet more insightful conversations ensued.
Top CISO challenges from day two
The second day had a strong risk management focus, leveraging the recent experiences of senior security leaders in how to deal with cybersecurity issues.
For example, the panel session on Designing a Holistic Approach to Cyber Defence, IoT and Cyber Threat Intelligence covered a huge array of topics and examples, and attendees took away valuable lessons on how to face and deal with major cyber threats. Under the guidance of Andrea Litherland, Cyber Threat Intelligence Lead, Financial Services and with contributions from Barry J Coatesworth and Toks Oladuti, CISO at Dentons, there were many valuable lessons shared from different industries. Discussing experiences and strategies among peers is invaluable to both benchmark and futureproof defences.
We also delved into the increasingly discussed topic of data governance, exploring the many interpretations of this term and where accurate governance has added value for many organisations. Experts from across the industry provided great examples, frameworks and tactics to mitigate data risks, and really brought the subject to life, again sparking lively and important discussions.
It was fantastic to attend such a well organised event, and to discuss the issues affecting CISOs and businesses and the technology emerging to assist them in their endeavours. Our industry is fast paced, agile and often unpredictable, so it was highly valuable to learn how businesses are dealing with this rate of change and what support they are looking for in order to shape and hone their security operations.
To find out more about BSS and how we can help you with your cyber security needs, please see our services page.