Agenda
Bold Starts: Monday
Nov 13- 1:00 pm – 5:00 pm ET Special Programs
- 5:00 pm – 6:30 pm ET Welcome Reception
Tuesday
Nov 14- 8:00 am – 9:00 am ET General Breakfast
- 9:00 am – 10:45 am ET Opening Remarks & Keynotes
- 10:45 am – 11:35 am ET Marketplace Break
- 11:35 am – 12:40 pm ET Breakout & Case Study Sessions
- 12:40 pm – 1:55 pm ET Lunch
- 1:55 pm – 3:35 pm ET Breakout & Case Study Sessions
- 3:35 pm – 4:25 pm ET Marketplace Break
- 4:25 am – 5:30 pm ET Keynote Sessions
- 5:30 pm – 7:00 pm ET Reception
Wednesday
Nov 15- 8:00 am – 9:00 am ET General Breakfast
- 9:00 am – 10:10 am ET Keynote Sessions
- 10:10 am – 11:00 am ET Marketplace Break
- 11:00 am – 12:05 pm ET Breakout & Case Study Sessions
- 12:05 pm – 1:15 pm ET Lunch
- 1:15 pm – 2:20 pm ET Breakout & Case Study Sessions
- 2:20 pm – 3:10 pm ET Marketplace Break
- 3:10 pm – 4:15 pm ET Keynote Sessions
- 4:15 pm – 4:20 pm ET Closing Remarks
Bold Starts: Monday Nov 13
Bold Starts: Special Programs (In-Person Only)
Join us for a range of Special Programs including Forrester Women’s Leadership Program, workshops, Learn-a-skill sessions, and other ways to connect with your peers before the main program.
S&R Forrester Women's Leadership Program: Balancing Effectiveness And Influence (In-Person Only)
Join us as we discuss the many ways you can power change and growth for yourself and other women in the workplace. Network and learn from your peers on advancement strategies for women leaders and participate in conversations about how to develop meaningful relationships with women leaders in the data and analytics industry. All are welcome to join!
Speakers:
Jinan Budge, Principal Analyst, Forrester
Jess Burn, Principal Analyst, Forrester
Amy DeMartine, VP, Research Director, Forrester
Jeff Pollard, VP, Principal Analyst, Forrester
Panel: Avoid The “She’s Not Strategic”* Trap: Balancing Influence And Effectiveness To Lead In Cybersecurity
If you take pride in your ability to get stuff done and prefer to let your work speak for itself (because you’re uncomfortable with self-promotion), this session is for you. Paradoxically, many ambitious and talented women miss out on leadership opportunities precisely *because* they’re excellent at getting stuff done — they end up spending all their time executing effectively, or no one notices their strategic contributions among all the operational work that they do. For this session, we’ve assembled a fantastic panel of information security leaders who’ve faced this challenge. Here’s what you’ll take away from this session if you join us:
- How to make space for contributing strategically — and how to highlight your strategic contributions (yes, this will involve some self-promotion!)
- How to build influence and visibility with the leaders above you in the organization
- How to help those more junior to you avoid or climb out of this trap
*Jess Iandiorio, the author of this 2020 blog post, is a former Forrester colleague who’s now the CMO at Starburst.
Speakers:
Jada Breegle, CIO, Legal Services Corporation
Mary Faulkner, VP, CISO and VP of IT Operations, Thrivent
Sarah Nur, Associate Chief Information Officer for Cybersecurity and Treasury Chief Information Security Officer, U.S. Department of the Treasury
Stephanie Balaouras, VP, Group Director, Forrester
Learn-A-Skill: Demystifying The Proof Of Concept (In-Person Only)
New in 2023, we have programmed several interactive sessions led by Forrester analysts. Each hour-long session features hands-on exercises that will equip you with the skills needed to lead change within your organization. No additional payment is required to attend. Sessions are first come, first served.
Proof of Concepts are a universal part of selecting and procuring a cybersecurity product and service…and one of the most misunderstood. This workshop will provide actionable advice on how to run a successful proof of concept that validates how the product and service will meet the needs of the security program while also reducing the time teams spend performing them. This session will provide detailed advice on how to:
- Identify when it’s time to run a proof of concept.
- Apply the right – and avoid the wrong – constraints.
- Develop meaningful success criteria.
- Reduce the amount of time spent on Proof of Concepts by up to 90%.
Speakers:
Jeff Pollard, VP, Principal Analyst, Forrester
Workshops (In-Person Only)
Join one of our interactive, in-person sessions led by Forrester analysts, featuring hands-on exercises that equip you with the skills needed to lead change. Engage with peers from other firms to enhance your skills and collaborate on common challenges.
Workshop: Preparing For Your Zero Trust Transformation
In an age when cybersecurity threats are everywhere, modern networks must move beyond the static perimeter-based model. Security teams must adapt and redesign networks to improve security. Join this workshop to better understand what it takes to plan for your firm’s Zero Trust strategy. You’ll participate in interactive self-assessments and exercises to help you identify areas to focus your transformation investments. This workshop provides a live sample of Forrester’s Adopting Zero Trust Certification course.
Speakers:
David Holmes, Principal Analyst, Forrester
Heath Mullins, Sr. Analyst, Forrester
Jenna Wohead, Director, Product Management, Forrester
Workshop: Identify Security Gaps with The Forrester Information Security Maturity Model (FISMM)
All attendees are encouraged to bring their own laptop to complete the FISMM.
The Forrester Information Security Maturity Model (FISMM) provides a framework that describes all the required functions and components of a comprehensive security program. It also offers a method for evaluating the maturity of each component (spread across the same four domains of oversight, people, process, and technology) of the framework on a consistent and prescriptive scale. In this session, you’ll be able to:
- Learn the basics of the condensed 30-question FISMM.
- Complete the FISMM online for your organizations.
- Understand next steps to review your results, identify strengths and opportunities in your security program, and shape your cybersecurity strategy, operations, and roadmap.
Speakers:
Peter Cerrato, Principal Consultant, Forrester
Ron Woerner, Senior Consultant, Forrester
Learn-A-Skill: How To Build A Leading Detection And Response Engineering Practice (In-Person Only)
New in 2023, we have programmed several interactive sessions led by Forrester analysts. Each hour-long session features hands-on exercises that will equip you with the skills needed to lead change within your organization. No additional payment is required to attend. Sessions are first come, first served.
The SOC has reached the same tipping point that software development faced many years ago: It’s dealing with too much data (big data and log management), struggling to innovate and update monolithic software (detections and incident response processes), and lacking ownership beyond initial deployment (content management). Once the software world reached this point, it pivoted from building monolithic software based on a waterfall methodology to deploying microservices and agile. Security operations teams must make this same pivot to stay ahead of evolving threats through detection and response engineering. Join this session to start to structure a detection and response engineering practice. Learn how to:
- Make the transition to agile in the SOC.
- Leverage the detection and response development lifecycle (DR-DLC).
- Build a process to train your team to write detection as code.
Speakers:
Allie Mellen, Principal Analyst, Forrester
Welcome Reception (In-Person Only)
Join us for refreshments and light appetizers. All registered attendees are welcome.
Tuesday Nov 14
General Breakfast
Welcome & Opening Remarks
Welcome to Forrester’s Security & Risk 2023. This session will set the tone for the next two days of bold vision and actionable insight from Forrester.
Speakers:
George Colony, CEO, Forrester
Stephanie Balaouras, VP, Group Director, Forrester
Keynote: The Future Of Zero Trust Is … Everywhere
Zero Trust is today’s de facto security strategy. But can we build Zero Trust into the world of tomorrow? Right now, organizations are designing Zero Trust into greenfield environments and retrofitting it into their legacy infrastructures. Optimizing Zero Trust for the dynamic, flexible requirements of the future will require that it be built into everything. In this talk, David Holmes will show how, in the future, everything will be Zero Trust by default. Attend this session to:
- Learn how to connect the pockets of Zero Trust in organizations today.
- Understand what needs to change for Zero Trust everywhere.
Speakers:
David Holmes, Principal Analyst, Forrester
Keynote: Too Fast, Too Furious: Managing The Speed Of Cybersecurity Regulatory Change
Navigating the barrage of new and evolving regulatory requirements makes compliance a constant uphill battle for security teams. This session will examine how security leaders are managing the latest changes and explore how they’re preparing for what’s on the horizon. Join this keynote session to learn:
- The consequences and risks associated with falling behind on regulation updates.
- Best practices to effectively manage and adapt to the speed of regulatory change for 2024 and beyond.
Speakers:
Stephanie Franklin-Thomas, PhD, SVP & CISO, ABM Industries
Gene Sun, Corporate VP, CISO, FedEx
Alla Valente, Senior Analyst, Forrester
Marketplace Break (In-Person Only)
Marketplace breaks are your chance to connect with sponsors and catch up with colleagues on the show floor.
Check out our Sponsor Spotlights to learn more about the next great solution for your team. See below for the list of spotlights during this time.
Attend one session:
10:50am - 11:00am - Onspring Technologies: Visualizing Vulnerability Scans & IT Risk Remediation
Vulnerability management reviews can leave your organization with lingering questions because the tools are designed to serve full-time analysts, who focus on data sets and aren’t visualizing the information. Business units are left wondering: Where exactly are the vulnerabilities? Where are my gaps? What do I need to remediate? How do I need to remediate? Learn how CTO’s are using their own tools to create decision-making data from vulnerability scanning.
Speakers:
Emily Elizabeth, Vice President, Onspring GRC Software
11:05am - 11:15am - ServiceNow: 3 recommendations to improve security and trust in 2024 and how ServiceNow can help
You know effectively managing cybersecurity and cyber risk is critical to maintaining the trust of your customers, which drives the success of your business. As you look toward 2024, you’re faced with many pressures but what should be top of mind and where can ServiceNow help? We’d like to discuss 3 not to ignore recommendations for 2024, where ServiceNow can help you improve security, efficiency, and trust
Speakers:
Alison Musci, Senior Director IRM Solutions Sales, ServiceNow
11:20am - 11:30am - Okta: Identity-Powered Zero Trust
With the threat landscape becoming ever more complex, organizations are mired in efforts to protect their environments and mitigate the risks these threats present. Traditional controls are falling short, and both Government bodies and the private sector are championing Zero Trust to combat modern threats. Join us as we walk through what ZT practically calls for and how it is architected in an environment where Identity is the glue in the security stack.
Speakers:
Gurinder Bhatti, Global Field Security Strategist, Okta
Learn-A-Skill: Practical Zero Trust Implementation (In-Person Only)
New in 2023, we have programmed several interactive sessions led by Forrester analysts. Each hour-long session features hands-on exercises that will equip you with the skills needed to lead change within your organization. No additional payment is required to attend. Sessions are first come, first served.
Participants will get a comprehensive understanding of key Zero Trust components. Through a combination of interactive discussions, real-world case studies, and practical exercises, attendees will learn how to translate Zero Trust principles into actionable strategies within their own organizations. The workshop will run for 70 minutes and is geared toward security professionals beginning or in the middle of their Zero Trust transformation. An agenda summary has been included below:
- Introduction to Zero Trust
- Key components of Zero Trust
- Applying Zero Trust
Speakers:
Paul McKay, Vice President, Research Director, Forrester
Tope Olufon, Sr Analyst, Forrester
Breakout Sessions
Case Study Sessions (In-Person Only)
Hear real world case studies showcasing the value of partnering with the right security and risk provider.
Attend one session:
Code42: How Crowdstrike automated microtrainings to change behavior and prevent data loss
Join us to learn how to stop data loss by addressing employee behavior. Discover why an effective response strategy must account for risk severity, and get practical tips for implementing response controls accordingly. We’ll showcase how Code42 customer Crowdstrike used automated microtrainings to correct frequent employee mistakes, which reduced event triage for their security team, and drove data loss events down for the business.
Speakers:
Maria Izurieta, Chief Financial Officer, Code42
KnowBe4: Putting Humanity into Your Human Risk Management Program
Security teams are beginning to appreciate the importance of building a strong human defense layer. As a result, most organizations have adopted some form of security awareness, behavior, and culture program. But there is a complication: in building these people-focused programs, security teams often forget that people are, by nature, relational beings. This session provides practical guidance for understanding, managing, and maturing your program to best foster a positive relationship and culture.
Speakers:
Perry Carpenter, Chief Evangelist and Strategy Officer, KnowBe4
ManageEngine: Debunking Zero Trust Myths with a Real Strategy for Cybersecurity
The concept of Zero Trust has garnered significant attention in the realm of cybersecurity in recent years. While Zero Trust is often touted as a revolutionary approach to safeguarding digital assets, it’s essential to critically examine and understand the principles and practical strategies involved. In this session, we’ll delve into the Zero Trust hype and unveil the genuine strategies that underpin this cybersecurity framework.
Speakers:
Sagay Joseph, Regional Technical Head (Strategic Accounts), ManageEngine
OneTrust: Take a data-centric approach to increase third-party risk visibility
As businesses rapidly expand their use of third parties, risk leaders are being forced to re-think their approach to third-party risk management. By taking a data-centric and cross-functional approach to risk evaluation, third-party programs can drive efficiencies across the management lifecycle to foster a resilient, transparent, and scalable third-party ecosystem. In this session, we will review best practices to optimize third-party workstreams and showcase key outcomes from OneTrust customers.
Speakers:
Chris Paterson, Senior Director of Strategy Third Party Management, OneTrust
Nicholas Geyer, Product Marketing Manager, Third-Party Management, OneTrust
Lunch & Marketplace Break (In-Person Only)
Marketplace breaks are your chance to grab lunch, connect with sponsors, and catch up with colleagues on the show floor.
Check out our Sponsor Spotlights to learn more about the next great solution for your team. See below for the list of spotlights during this time.
Attend one session:
12:45pm - 12:55pm - Mastercard: Exploring the Future of Cyber Risk Management with Mastercard
In an era of increasing interconnectedness and growing stakeholder expectations, the idea of measuring a company’s cyber risk has become exponentially more complicated. During this session, we will explore the future of cyber risk management going beyond traditional cybersecurity risk – presenting insights into the synergies, challenges, and implications for businesses.
Speakers:
Austin Starowics, Solutions Consulting Manager , Riskrecon by Mastercard
1:00pm - 1:10pm - ManageEngine: Communicating Your Security Reality to Your Board with Risk-Based KPIs
A CISO needs to create a compelling narrative for the board every quarter in order to gain support for implementing security measures that enhance the organization’s security maturity. It is crucial to align these initiatives with the organization’s risk tolerance, current risk posture, and future goals. Join this session to discover the essential operational metrics to track and translate into a compelling story for the board.
Speakers:
Ram Vaidyanathan, Technical specialist, ManageEngine
1:15pm - 1:25pm - Horizon3.ai: Go Hack Yourself: More War Stories from ~41k Pentests
Join Alex Diaz, Customer Success Leader at Horizon3.ai, for a short session where he’ll discuss real-world examples of what we have discovered in networks just like yours. You’ll hear about how fast and easy it is to compromise some of the largest networks in the world – with full domain takeover – often in minutes, and sometimes, without even exploiting a CVE. Proving you’re secure vs. assuming you’re secure is paramount in today’s threat environment.
Speakers:
Alex Diaz, Customer Success Leader, Horizon3.ai
1:30pm - 1:40pm - Bitdefender: Constantly Under Siege - Manage Risk to Efficiently Protect Your Kingdom
When besieging a castle, attackers would try to identify and exploit the weakest link in the defenses. As the modern knights defending the castle, CISOs are always looking for ways to improve the overall security posture and are often left wondering how can they safeguard the organization with the precision of a well-planned castle defense. We will highlight the relevance of Bitdefenders’ multi-layered approach to understanding and mitigating risk across hybrid environments.
Speakers:
Daniel Daraban, Senior Director of Product Management, Bitdefender
Breakout Sessions
Case Study Sessions (In-Person Only)
Hear real world case studies showcasing the value of partnering with the right security and risk provider.
Attend one session:
Cisco: SSE: Potential Benefits, Hype, and Reality
Security Service Edge is a hot topic because of the powerful set of potential benefits, but like any new concept, there are multiple interpretations and unsubstantiated hype as well. Join us for a discussion about what organizations are looking for in an SSE solution, what some of the pitfalls have been so far, and what CDW and customers have learned about SSE and Secure Access.
Speakers:
David Gormley, Product Marketing Leader, Cisco
Jeremy Weiss, Executive Security Strategist, CDW Security
CyberProof: Unraveling the risks: Building a next-gen, cloud-native SOC
As enterprises embrace cloud transformation, security teams must not only adapt, but also stay ahead of their organizations. The transition of a Security Operations Center (SOC) to a cloud-native environment can be fraught with challenges and may lead to disastrous consequences if not executed properly. We will discuss about the challenges associated with cloud-native SOC implementation, with a special focus on cost-related concerns, and offering practical solutions.
Speakers:
Eran Alsheh, Chief Technology Officer, CyberProof
Eric Brooks, Senior CyberSecurity Manager, Ferguson
IBM: How IBM Security & Meijer have evolved from clients into partners on a mission to secure the future
The essence of a partnership is connection and commitment. Over the years, IBM Security has worked with Meijer solving various complex security issues and helping both organizations grow and mature their security posture however that is has not been a one-way street. Thanks to feedback and insights from Meijer, IBM Security has improved their ability to deliver customized and impactful security products and services. Join this session to learn how IBM Security and Meijer have evolved to co-collaborators with a vested interest in each other’s success and some big security wins across the board!
Speakers:
John Dwyer, Head of Research, X-Force, IBM
Philip Keibler, Vice President, Chief Information Security Officer, Meijer
ThreatLocker: Do You Know What's In Your Systems?
Using actual [redacted] customer endpoint data, ThreatLocker VP of Solutions Engineering Ryan Bowman will review what we found on their systems. With this Health Report of mitigation recommendations, you’ll learn what the customer learned and how the customer reacted. Would you do the same? Ryan will share best practices for prioritizing action and strategies to harden your environment.
Speakers:
Ryan Bowman, VP of Solutions Engineering, ThreatLocker
Breakout Sessions
Learn-A-Skill: Build An Insider Risk Management Function (In-Person Only)
New in 2023, we have programmed several interactive sessions led by Forrester analysts. Each hour-long session features hands-on exercises that will equip you with the skills needed to lead change within your organization. No additional payment is required to attend. Sessions are first come, first served.
Insiders — employees, contractors, vendors, and partners — are responsible for over a quarter of data breaches. Because insider risk is a human problem, involving trusted peers with knowledge of your environments, it requires a specific focus on looking for, investigating, and responding to insider incidents. Most security teams focus on external threat actors, not insiders. Insider risk management teams must work across the organization to build support. Policy and process outweigh technology to manage insider risk. In this Learn-A-Skill session, attendees will learn:
- How internal risks must be managed differently than external risks.
- How to build an insider risk management function.
- How to develop policies and processes for insider risk management.
- How to develop success metrics for the insider risk function.
Speakers:
Joseph Blankenship, VP, Research Director, Forrester
Marketplace Break (In-Person Only)
Marketplace breaks are your chance to connect with sponsors and catch up with colleagues on the show floor.
Check out our Sponsor Spotlights to learn more about the next great solution for your team. See below for the list of spotlights during this time.
Attend one session:
3:40pm - 3:50pm - Venafi: Crafting a Compelling Cybersecurity Story in 10 Minutes
In today’s fast-paced world, quickly capturing someone’s attention and conveying complex information can be challenging. This presentation will teach you how to effectively tell your cybersecurity story in just 10 minutes, with value cards, making a lasting impact on your audience. We’ll explore techniques for distilling complex cybersecurity concepts like zero trust into easily digestible narratives. Whether you’re presenting to executives, potential customers, or at a conference, you’ll learn how to create a concise, compelling story highlighting cybersecurity’s importance and showcasing your solutions’ value. By the end of this presentation, you’ll have the basic concept and confidence to deliver a powerful, persuasive cybersecurity story that leaves a lasting impression, no matter how limited your time may be.
Speakers:
Nick Curcuru, Head of Solutions Marketing, Venafi
3:55pm - 4:05pm - Binary Defense: Understanding Managed Detection & Response
To choose an MDR solution, prioritize vendors that combine technology with human expertise and offer real-time threat detection, analysis, and response. Consider features like threat intelligence, detection engineering, security operations center (SOC), continuous security posture improvement, and relevant metrics. Be sure to ask relevant questions in the selection process to ensure prospective vendors can deliver on the necessary specifications.
Speakers:
Joe McMann, Head of Cyber Services, Binary Defense
4:10pm - 4:20pm - Brinqa: Precisely Reduce the Vulnerabilities that Matter with Brinqa
Impossible backlogs, fragmented visibility, ownership complexity, and unmotivated stakeholders frustrate both vulnerability management teams and the remediation teams asked to fix security issues. This leads to wasted time and more residual security risk on a continuous basis while still incurring development and IT costs to fix low risk vulnerabilities. Escape this lose-lose scenario with Brinqa, which helps you unify, prioritize, remediate, and report on disparate security findings with risk context from a single platform.
Speakers:
Aaron Marzullo, Sales Engineer, Brinqa
Analyst Relations Exchange (In-Person Only)
Targeted program for analyst relations leaders designed to provide private networking for AR professionals, insight on Forrester’s value proposition, product plans and research methods benefitting high-tech and service provider companies. This event is offered in-person only.
Speakers:
Christopher Andrews, VP, Product Management, Forrester
Andras Cser, VP, Principal Analyst, Forrester
Danielle Jessee, Director, Evaluative Research, Forrester
Merritt Maxim, VP, Research Director, Forrester
Security & Risk Conversation Starters
Participate in an interactive program where you take the lead! Attendees can vote for their preferred discussion topics throughout the day. Top-voted topics will feature dedicated roundtable sessions led by expert analysts. Your input shapes the conversation – let’s dive deep into what matters most to you!
Speakers:
Laura Koetzle, VP, Group Director, Forrester
Heath Mullins, Sr. Analyst, Forrester
Carlos Rivera, Senior Analyst, Forrester
Madelein van der Hout, Senior Analyst, Forrester
Forrester Security And Risk Enterprise Leadership Award
Welcome to the highly anticipated Forrester Security And Risk Enterprise Leadership Award, the only assessment dedicated to recognizing excellence in security, privacy, and risk strategy, integral to building a trusted and resilient business.
In this session, we will announce the winner of this year’s award and hear how they continually build trust with customers, employees, and partners.
Speakers:
John Cadavid, Global Chief Information Security Officer , Barclays
Matt Reiley, Director for US Cyber Operations , Barclays
Joseph Blankenship, VP, Research Director, Forrester
Jess Burn, Principal Analyst, Forrester
Keynote: Adapt And Adopt: Balance The Acute Risk With The Burgeoning Reward Of AI
AI entered the cybersecurity lexicon as a buzzword. Years later, it is poised to change the way the enterprise operates and has overtaken the agenda of cybersecurity leaders. AI’s massive risk and incredible opportunity are forcing security leaders and their teams into a balancing act of enterprise enablement for a new, evolving, and complex technology. In this keynote, we will do a deep dive on the risks, threats, and opportunities AI brings. Attend this session to delve into how:
- Cybersecurity can be instrumental in securing the big bets your enterprise makes on AI.
- You can enable the business to use AI securely.
- AI will change the way security operates.
- Adversaries will leverage AI.
- You can encourage your security practitioners to question, adopt, and trust AI.
Speakers:
Allie Mellen, Principal Analyst, Forrester
Jeff Pollard, VP, Principal Analyst, Forrester
Evening Reception (In-Person Only)
Join us for a reception full of networking, fun, food, and refreshments.
Wednesday Nov 15
General Breakfast
Government Breakfast Meetup
Connect with your fellow peers in Public Sector for a private networking breakfast.
This breakfast is not open to partners or non-government attendees.
Breakfast Boardroom IBM: Cybersecurity in the era of generative AI
In a world characterized by relentless technological advancement, businesses are navigating uncharted territory, striving to harness the power of emerging technologies while protecting their assets and data from evolving threats. IBM Security plays a pivotal role in this dynamic environment. Our mission is to leverage the latest insights from the market, threat landscape, and technology innovations to help our clients develop the very best security strategies.
Speakers:
John Dwyer, Head of Research, X-Force, IBM
Breakfast Boardroom Vulcan Cyber: Attack Path Modeling for Uncommon Vulnerability Risk Management
What is uncommon vulnerability risk management? To answer this question we must first understand what is meant by “now-common VRM approaches.” Fortunately, Forrester Research recently answered these questions in detail with the publication of The Forrester Wave: Vulnerability Risk Management, Q3 2023. Join us for this breakfast boardroom session and learn how mature vulnerability management organizations are visualizing custom risk prioritization insights enhanced with business context through attack path modeling and risk analytics.
Speakers:
Yaniv Bar-Dayan, CEO and co-founder, Vulcan Cyber
Welcome Back
Speakers:
Stephanie Balaouras, VP, Group Director, Forrester
Keynote: Build A Modern Product Security Team
Modern and future fit technology organizations transform technology to support their organization’s business strategy. Those hoping to evolve from traditional to modern or future fit must adopt a technology strategy that enables adaptivity, creativity, and resilience — but they won’t get there unless the product security team embraces those principles, too. This session will discuss:
- What it means to be future fit — and what a product security team looks like in a modern tech or future fit tech organization.
- How to evolve your product security strategy from traditional to modern … and from modern to future fit.
Speakers:
Sandy Carielli, Principal Analyst, Forrester
Guest Keynote: Going All-In On Zero Trust – The How And Why Behind The Government’s Strategy
In 2022, The White House Executive Order 14028 and Office of Management and Budget (OMB) memo OMB M-22-09 mandated that federal agencies adopt Zero Trust by 2024. Since then, federal agencies have rushed to learn about and implement Zero Trust architecture across their environments. Chris DeRusha, Federal Chief Information Security Officer and Deputy National Cyber Director will share why the federal government chose Zero Trust as its chosen security model, what it learned from the executive order, and how the implementation is going. Government and private sector security leaders should attend this session to learn:
- Why the US federal government chose Zero Trust as its de-facto security strategy.
- What government security leaders have learned so far, including pushback, obstacles, and wins.
- How organizations doing business with the federal government are also impacted.
- How to track progress in your own Zero Trust journey.
Speakers:
Chris DeRusha, Federal CISO & Deputy National Cyber Director, Office of Management and Budget, Office of the National Cyber Director
Marketplace Break (In-Person Only)
Marketplace breaks are your chance to connect with sponsors and catch up with colleagues on the show floor.
Check out our Sponsor Spotlights to learn more about the next great solution for your team. See below for the list of spotlights during this time.
Attend one session:
10:15am - 10:25am - LastPass: Navigating the Passwordless Evolution with LastPass
With over 80% of breaches stemming from compromised login credentials, passwords have evolved from a solution to a glaring problem. In the midst of the compromised credentials crisis, eliminating passwords may seem like the obvious step, but the journey is far from straightforward. Brace yourself for a game-changing perspective with LastPass as we dissect the passwordless evolution, revealing how distinguishing between a mere ‘experience’ and a true ‘solution’ can turbocharge your transition
Speakers:
Scott Ritter, Account Executive, LastPass
10:30am - 10:40am - Sonatype: AI's Impact in Software Development: Navigating Governance, Copyright, and Compensation Complexities
While artificial intelligence (AI) and machine learning (ML) technology has become more accessible than ever, there are still significant looming questions about its usage in software development. Should organizations be responsible for regulating the use of AI? Who holds copyright ownership for AI-generated code based on open source? How should developers be compensated for code used in large language models (LLMs)? In this talk, Dr. Stephen Magill, VP of Product Innovation at Sonatype, explores these questions and more, providing data-backed best practices for mitigating risk, implementing automation, and integrating AI in the software supply chain.
Speakers:
Dr. Stephen Magill, VP of Product Innovation , Sonatype
10:45am - 10:55am - Recorded Future: Reducing Operational Risk with Threat Intelligence
1 in 5 organizations have experienced a significant outage in the last three years that negatively affected their reputation, revenue, and compliance adherence. Learn from Recorded Future experts how threat intelligence can be a force multiplier, enabling security teams to strengthen their defenses, enhance operational workflows through automation, and mitigate the impact of attacks such as ransomware.
Speakers:
Ellen Wilson, Manager, Product Marketing, Recorded Future
Learn-A-Skill: Burnout In Cybersecurity: A Love Story. (In-Person Only)
New in 2023, we have programmed several interactive sessions led by Forrester analysts. Each hour-long session features hands-on exercises that will equip you with the skills needed to lead change within your organization. No additional payment is required to attend. Sessions are first come, first served.
Today, 52% of the workforce is experiencing some form of burnout. Preliminary studies show that cybersecurity workers are suffering burnout at a rate higher than healthcare workers. In this context, this hidden epidemic and the impact of burnout on cybersecurity teams’ mental health, as well as on their organization’s cybersecurity posture, are immense. Did you know that it is possible for employees to be highly engaged and experiencing burnout at the same time? The fact is that some of your best, most engaged rock-star employees are also burning out, and you won’t see until it’s too late. We’ll show you how to identify the different types of burnout and how to support the people who want to be their best at work without depleting themselves. Participants in this session will:
- Rethink what burnout is and how to identify its many causes and manifestations.
- Understand the risk of ignoring burnout and learn to work with people and managers to avoid and address it.
- Leave with examples of next steps for preventing, identifying, and redressing burnout in their teams and divisions.
Speakers:
Jinan Budge, VP, Principal Analyst, Forrester
Breakout Sessions
Case Study Sessions (In-Person Only)
Hear real world case studies showcasing the value of partnering with the right security and risk provider.
Attend one session:
Akamai Technologies: Revisiting Defense In Depth: A New Approach
As cyberattacks increase and become more effective, the Defense in Depth security strategy is no longer realistic. In this case study, we explore a new take on an old tactic and how one company with a growing attack surface, number of products, vendors, and security gaps took defense in depth to mean a ‘depth of coverage’ against the modern attack sequence. Learn their strategy for stopping sophisticated attacks against their modern infrastructure.
Speakers:
Dan Petrillo, Director, Product Marketing, Akamai Technologies
Coalfire: Successfully Meet Emerging Risks & Compliance Requirements for Tech and Enterprises
From the boardroom to the cloud, CISOs face unprecedented challenges – from avoiding or managing a security event to protecting the company’s reputation and mitigating increasing and evolving risks. Learn how some of Coalfire’s top customers achieved a distinct competitive advantage by embracing innovative cybersecurity approaches that leverage threat-informed offensive approaches, proactive compliance processes, and long-term, business-aligned strategies.
Speakers:
Tom McAndrew, CEO, Coalfire
Microsoft: AI: Defending at machine speed with Microsoft Security
Learn about Microsoft security’s zero trust principles, and how new generative AI capabilities build on them to deliver a more optimized security operations experience. We’ll review how Microsoft Security Copilot works with SIEM and XDR to help defenders respond to threats quicker, level up and gain a greater understanding of the threat landscape.
Speakers:
Omar Turner, General Manager, Northeast CSU (Customer Success Unit) Security Leader, Microsoft
Alex Klausner, Sr. Product Marketing Manager, SCI Security
Uptycs: How IBM secured its internal ecosystem of Linux on IBM Power, Z mainframe, and AIX-based assets
Join the conversation as IBM reveals how it has successfully modernized and secured this vital ecosystem unlocking the ability to both migrate legacy workloads as well as develop hybrid cloud and container-based applications. Learn advanced techniques for proactive threat detection, prevention, and response, enabling you to fortify the security of your IBM Power Systems and Z mainframes for your own app modernization and digital transformation efforts.
Speakers:
Adrian Wreh, Sr. Manager Platform Operations, IBM
Dan Dearing, Sr. Director Product Marketing, Uptycs
Lunch & Marketplace Break (In-Person Only)
Marketplace breaks are your chance to grab lunch, connect with sponsors, and catch up with colleagues on the show floor.
Check out our Sponsor Spotlights to learn more about the next great solution for your team. See below for the list of spotlights during this time.
Attend one session:
12:10pm - 12:20pm - ThreatLocker: Rubber Ducky Challenge
Risk of data loss and operational disruption can stem from more than the ransomware in news headlines. Join for a live hacking demonstration of a common-looking USB device and discussion on physical and digital methods of control to minimize data exfiltration.
Speakers:
Ryan Bowman, VP of Solutions Engineering, ThreatLocker
12:25pm - 12:35pm - IBM: IBM Security Active Governance Services (AGS) and Xacta® Demo
Come see the power of automation in the new tailored IBM Security AGS solution that operationalizes cybersecurity compliance and ensures both time- and cost-effectiveness. In this demo you will learn how the most time-consuming tasks of compliance can be automated and streamlined such as control selection, implementation, validation, continuous monitoring, and more.
Speakers:
Evelyn Anderson, IBM Distinguished Engineer, IBM
Hugh Barrett, Chief Product Officer, Xacta
12:40pm - 12:50pm - Cisco: Upgrade your SecOps with Cisco XDR
Security operations teams, once plagued with a lack of tools and defenses, now suffer the opposite problem. A disjointed stack of incompatible detection and protection engines makes navigating incidents costly and time consuming. See how Cisco XDR is bridging those gaps and lowering adversary dwell times by providing a common set of tools and services across your Cisco and 3rd party deployments.
Speakers:
Ben Greenbaum, Sr. Product Manager, Cisco XDR
12:55pm - 1:05pm - Code42: A simpler, stronger approach to IP protection (really!)
Addressing data loss and insider threat with traditional tools takes more time than security has to give. You need strong detection, effective response, powerful integrations, ease of use, and no disruption to users. Too much to ask? Not at all. Seeing is believing so join us for a 10-minute demo.
Speakers:
Troy Johnson, Sr. Systems Engineer, Code42
Veteran's Appreciation Lunch
We invite all those who have served or are currently serving our country to join us for a special appreciation lunch.
Speakers:
Carlos Rivera, Senior Analyst, Forrester
Drew Jaehnig, Public Sector Capture Manager, Forrester
Breakout Sessions
Case Study Sessions (In-Person Only)
Hear real world case studies showcasing the value of partnering with the right security and risk provider.
Attend one session:
DigiCert: Preparing for a Quantum-Safe Future
Quantum computing is an existential threat to current security measures. Join this session for expert perspectives on quantum computing timelines, a look at survey data examining what companies are doing today to prepare, and an overview of how you can get started today on strategies that will provide the agility and efficiency you need to navigate successfully through this industry change.
Speakers:
Deepika Chauhan, Chief Product Officer, DigiCert
Mastercard: How Cyber Risk Quantification Implementation Benefits Fidelity Investments
It takes time and effort to build trust, and a minor misstep can break that trust. In today’s connected economy, every transaction and interaction within a company has an element of technology. Protecting these interactions is essential to manage trust; organizations do this by managing technology risks. In this session, Fidelity’s cybersecurity leader will share how they leverage cyber risk quantification to help make technical and business decisions, in collaboration with Accenture and Mastercard.
Speakers:
Urooj Burney, Global Head of Risk & Resilience Services, Mastercard
Larry Lipsey, VP, Cyber Policy & Controls Leader, Fidelity Investments
William Beer, Northeast Security Lead, Accenture
Zscaler: Unleash the Full Power of Secure Digital Transformation
Every age is accompanied by new, special demands for the decision-makers who steer the fortunes of companies. In recent years, business success has become intrinsically linked to IT infrastructure and seamless and secure connectivity is the key to unlock innovation and accelerate business outcomes. To reach this state, enterprises are transforming their networks and security to a zero trust architecture, thereby reducing risk, eliminating cost and complexity and increasing agility.
Join this session to learn:
- How zero trust architecture secures users, workloads, IoT/OT devices, and your business partners by addressing critical security shortcomings of legacy network architecture
- How zero trust architecture secures users, workloads, IoT/OT devices, and your business partners by addressing critical security shortcomings of legacy network architecture
- How to reduce network complexity without exposing your organization to new risks
- The key steps in a phased secure digital transformation journey as well as proven advice to drive the mindset and cultural change required
Speakers:
Dhawal Sharma, SVP, Product Management, Zscaler
Rob Wenier, Global Head of Cloud and Infrastructure, AstraZeneca
Marketplace Break (In-Person Only)
Marketplace breaks are your chance to connect with sponsors and catch up with colleagues on the show floor.
Check out our Sponsor Spotlights to learn more about the next great solution for your team. See below for the list of spotlights during this time.
Security & Risk Conversation Starters
Participate in an interactive program where you take the lead! Attendees can vote for their preferred discussion topics throughout the day. Top-voted topics will feature dedicated roundtable sessions led by expert analysts. Your input shapes the conversation – let’s dive deep into what matters most to you!
Speakers:
Jess Burn, Principal Analyst, Forrester
Laura Koetzle, VP, Group Director, Forrester
Heath Mullins, Sr. Analyst, Forrester
Carlos Rivera, Senior Analyst, Forrester
Madelein van der Hout, Senior Analyst, Forrester
Keynote: Digital Identity And Fraud In The Age Of AI
The age of AI is upon us, with the potential to upend and transform many existing markets. Identity and fraud are not immune to AI’s effects, whether it is AI-generated deepfakes launching social engineering attacks to evaluating real-time access data to identify anomalous identity activity. Managing identity and fraud in the age of AI will require a new mindset and strategy to ensure that the business remains protected while maintaining trust and seamless digital experiences for customers, employees, and partners. In this session, Merritt will review how:
- AI is influencing identity and fraud.
- Organizations should prepare to evolve their IAM programs to operate efficiently in the age of AI.
Speakers:
Mary Faulkner, VP, CISO and VP of IT Operations, Thrivent
Upendra Mardikar, CISO, TIAA
Sarah Nur, Associate Chief Information Officer for Cybersecurity and Treasury Chief Information Security Officer, U.S. Department of the Treasury
Merritt Maxim, VP, Research Director, Forrester
Keynote: AI Ethics And Compliance: Risk Hell, Settle For Purgatory, Or Enter Paradise
From Europe to the US and AP, the regulatory machine is spinning. Everybody agrees on the need to regulate AI, no one knows how to do it, and you are in charge of ensuring risks are under control. It will be a perilous and uncertain journey, but the opportunity to shape a trusted and ethical approach to AI is yours and the time is now. This session will:
- Explore the upcoming principles and regulations that will define AI risk practices of the future.
- Illustrate emerging best practices for building and executing AI governance frameworks.
- Give you guidance on what to do next.
Speakers:
Enza Iannopollo, Principal Analyst, Forrester
Bold Starts: Monday
Nov 13- 1:00 pm – 5:00 pm ET Special Programs
- 5:00 pm – 6:00 pm ET ELE Welcome Reception
Tuesday
Nov 14- 8:00 am – 9:00 am ET ELE Only: Breakfast Session
- 9:00 am – 10:45 am ET General Keynotes
- 10:45 am – 11:35 am ET Marketplace Break
- 11:35 am – 12:40 pm ET General Breakouts and Case Studies
- 12:40 pm – 1:55 pm ET Exclusive ELE Lunch Keynote
- 1:55 pm – 3:35 pm ET General Breakouts and Case Studies
- 3:35 pm – 4:25 pm ET Marketplace Break
- 4:25 pm – 5:35 pm ET General Keynotes
- 5:30 pm – 7:00 pm ET ELE Reception
Wednesday
Nov 15- 8:00 am – 9:00 am ET General Breakfast
- 9:00 am – 10:10 am ET General Keynotes
- 10:10 am – 11:00 am ET Marketplace Break
- 11:00 am – 12:05 pm ET General Breakouts and Case Studies
- 12:05 pm – 1:15 pm ET Exclusive ELE Lunch Keynote
- 1:15 pm – 2:20 pm ET General Breakouts and Case Studies
- 2:20 pm – 3:10 pm ET Marketplace Break
- 3:10 pm – 4:15 pm ET General Keynotes
- 4:15 pm – 4:20 pm ET Closing Remarks
Bold Starts: Monday Nov 13
S&R Forrester Women's Leadership Program: Balancing Effectiveness And Influence (In-Person Only)
Join us as we discuss the many ways you can power change and growth for yourself and other women in the workplace. Network and learn from your peers on advancement strategies for women leaders and participate in conversations about how to develop meaningful relationships with women leaders in the data and analytics industry. All are welcome to join!
Speakers:
Jinan Budge, Principal Analyst, Forrester
Jess Burn, Principal Analyst, Forrester
Amy DeMartine, VP, Research Director, Forrester
Jeff Pollard, VP, Principal Analyst, Forrester
Panel: Avoid The “She’s Not Strategic”* Trap: Balancing Influence And Effectiveness To Lead In Cybersecurity
If you take pride in your ability to get stuff done and prefer to let your work speak for itself (because you’re uncomfortable with self-promotion), this session is for you. Paradoxically, many ambitious and talented women miss out on leadership opportunities precisely *because* they’re excellent at getting stuff done — they end up spending all their time executing effectively, or no one notices their strategic contributions among all the operational work that they do. For this session, we’ve assembled a fantastic panel of information security leaders who’ve faced this challenge. Here’s what you’ll take away from this session if you join us:
- How to make space for contributing strategically — and how to highlight your strategic contributions (yes, this will involve some self-promotion!)
- How to build influence and visibility with the leaders above you in the organization
- How to help those more junior to you avoid or climb out of this trap
*Jess Iandiorio, the author of this 2020 blog post, is a former Forrester colleague who’s now the CMO at Starburst.
Speakers:
Jada Breegle, CIO, Legal Services Corporation
Mary Faulkner, VP, CISO and VP of IT Operations, Thrivent
Sarah Nur, Associate Chief Information Officer for Cybersecurity and Treasury Chief Information Security Officer, U.S. Department of the Treasury
Stephanie Balaouras, VP, Group Director, Forrester
Learn-A-Skill: Demystifying The Proof Of Concept (In-Person Only)
New in 2023, we have programmed several interactive sessions led by Forrester analysts. Each hour-long session features hands-on exercises that will equip you with the skills needed to lead change within your organization. No additional payment is required to attend. Sessions are first come, first served.
Proof of Concepts are a universal part of selecting and procuring a cybersecurity product and service…and one of the most misunderstood. This workshop will provide actionable advice on how to run a successful proof of concept that validates how the product and service will meet the needs of the security program while also reducing the time teams spend performing them. This session will provide detailed advice on how to:
- Identify when it’s time to run a proof of concept.
- Apply the right – and avoid the wrong – constraints.
- Develop meaningful success criteria.
- Reduce the amount of time spent on Proof of Concepts by up to 90%.
Speakers:
Jeff Pollard, VP, Principal Analyst, Forrester
Workshops (In-Person Only)
Join one of our interactive, in-person sessions led by Forrester analysts, featuring hands-on exercises that equip you with the skills needed to lead change. Engage with peers from other firms to enhance your skills and collaborate on common challenges.
Workshop: Preparing For Your Zero Trust Transformation
In an age when cybersecurity threats are everywhere, modern networks must move beyond the static perimeter-based model. Security teams must adapt and redesign networks to improve security. Join this workshop to better understand what it takes to plan for your firm’s Zero Trust strategy. You’ll participate in interactive self-assessments and exercises to help you identify areas to focus your transformation investments. This workshop provides a live sample of Forrester’s Adopting Zero Trust Certification course.
Speakers:
David Holmes, Principal Analyst, Forrester
Heath Mullins, Sr. Analyst, Forrester
Jenna Wohead, Director, Product Management, Forrester
Workshop: Identify Security Gaps with The Forrester Information Security Maturity Model (FISMM)
All attendees are encouraged to bring their own laptop to complete the FISMM.
The Forrester Information Security Maturity Model (FISMM) provides a framework that describes all the required functions and components of a comprehensive security program. It also offers a method for evaluating the maturity of each component (spread across the same four domains of oversight, people, process, and technology) of the framework on a consistent and prescriptive scale. In this session, you’ll be able to:
- Learn the basics of the condensed 30-question FISMM.
- Complete the FISMM online for your organizations.
- Understand next steps to review your results, identify strengths and opportunities in your security program, and shape your cybersecurity strategy, operations, and roadmap.
Speakers:
Peter Cerrato, Principal Consultant, Forrester
Ron Woerner, Senior Consultant, Forrester
Learn-A-Skill: How To Build A Leading Detection And Response Engineering Practice (In-Person Only)
New in 2023, we have programmed several interactive sessions led by Forrester analysts. Each hour-long session features hands-on exercises that will equip you with the skills needed to lead change within your organization. No additional payment is required to attend. Sessions are first come, first served.
The SOC has reached the same tipping point that software development faced many years ago: It’s dealing with too much data (big data and log management), struggling to innovate and update monolithic software (detections and incident response processes), and lacking ownership beyond initial deployment (content management). Once the software world reached this point, it pivoted from building monolithic software based on a waterfall methodology to deploying microservices and agile. Security operations teams must make this same pivot to stay ahead of evolving threats through detection and response engineering. Join this session to start to structure a detection and response engineering practice. Learn how to:
- Make the transition to agile in the SOC.
- Leverage the detection and response development lifecycle (DR-DLC).
- Build a process to train your team to write detection as code.
Speakers:
Allie Mellen, Principal Analyst, Forrester
Meet Your Peers: ELE Networking Reception
Join us for a pre-conference reception where you can network with Forrester experts and industry peers who will be part of the ELE program throughout the event.
Speakers:
Jess Burn, Principal Analyst, Forrester
Tuesday Nov 14
ELE Exclusive Networking Breakfast
Start the day with a nourishing meal, the company of your fellow ELE participants, and an overview of the day ahead.
Speakers:
Jess Burn, Principal Analyst, Forrester
Welcome & Opening Remarks
Welcome to Forrester’s Security & Risk 2023. This session will set the tone for the next two days of bold vision and actionable insight from Forrester.
Speakers:
George Colony, CEO, Forrester
Stephanie Balaouras, VP, Group Director, Forrester
Keynote: The Future Of Zero Trust Is … Everywhere
Zero Trust is today’s de facto security strategy. But can we build Zero Trust into the world of tomorrow? Right now, organizations are designing Zero Trust into greenfield environments and retrofitting it into their legacy infrastructures. Optimizing Zero Trust for the dynamic, flexible requirements of the future will require that it be built into everything. In this talk, David Holmes will show how, in the future, everything will be Zero Trust by default. Attend this session to:
- Learn how to connect the pockets of Zero Trust in organizations today.
- Understand what needs to change for Zero Trust everywhere.
Speakers:
David Holmes, Principal Analyst, Forrester
Keynote: Too Fast, Too Furious: Managing The Speed Of Cybersecurity Regulatory Change
Navigating the barrage of new and evolving regulatory requirements makes compliance a constant uphill battle for security teams. This session will examine how security leaders are managing the latest changes and explore how they’re preparing for what’s on the horizon. Join this keynote session to learn:
- The consequences and risks associated with falling behind on regulation updates.
- Best practices to effectively manage and adapt to the speed of regulatory change for 2024 and beyond.
Speakers:
Stephanie Franklin-Thomas, PhD, SVP & CISO, ABM Industries
Gene Sun, Corporate VP, CISO, FedEx
Alla Valente, Senior Analyst, Forrester
Marketplace Break (In-Person Only)
Marketplace breaks are your chance to connect with sponsors and catch up with colleagues on the show floor.
Check out our Sponsor Spotlights to learn more about the next great solution for your team. See below for the list of spotlights during this time.
Attend one session:
10:50am - 11:00am - Onspring Technologies: Visualizing Vulnerability Scans & IT Risk Remediation
Vulnerability management reviews can leave your organization with lingering questions because the tools are designed to serve full-time analysts, who focus on data sets and aren’t visualizing the information. Business units are left wondering: Where exactly are the vulnerabilities? Where are my gaps? What do I need to remediate? How do I need to remediate? Learn how CTO’s are using their own tools to create decision-making data from vulnerability scanning.
Speakers:
Emily Elizabeth, Vice President, Onspring GRC Software
11:05am - 11:15am - ServiceNow: 3 recommendations to improve security and trust in 2024 and how ServiceNow can help
You know effectively managing cybersecurity and cyber risk is critical to maintaining the trust of your customers, which drives the success of your business. As you look toward 2024, you’re faced with many pressures but what should be top of mind and where can ServiceNow help? We’d like to discuss 3 not to ignore recommendations for 2024, where ServiceNow can help you improve security, efficiency, and trust
Speakers:
Alison Musci, Senior Director IRM Solutions Sales, ServiceNow
11:20am - 11:30am - Okta: Identity-Powered Zero Trust
With the threat landscape becoming ever more complex, organizations are mired in efforts to protect their environments and mitigate the risks these threats present. Traditional controls are falling short, and both Government bodies and the private sector are championing Zero Trust to combat modern threats. Join us as we walk through what ZT practically calls for and how it is architected in an environment where Identity is the glue in the security stack.
Speakers:
Gurinder Bhatti, Global Field Security Strategist, Okta
Beyond The Policy: Make Cyber Insurance Work For You
Increasingly stringent requirements, exclusions, and policy premium costs may appear as a trifecta of pain — but they’re really an opportunity. Security leaders can wield cyber insurance as a tool for security and risk management investment and maturing security program practices within your organization. This panel will examine how you can:
- Understand current common cybersecurity control requirements and anticipate future controls.
- Extract greater value from your cyber insurance policy and the insurance partner ecosystem.
Speakers:
Jason Bredimus, VP, IT Operations & CISO, Shamrock Foods Co.
Keeley Sidow, Cyber Client Relationship Director, Woodruff Sawyer
Timothy K. Smit, Global Privacy & Cyber Risk Consulting Practice Leader, Lockton Companies
Heidi Shey, Principal Analyst, Forrester
Case Study Sessions (In-Person Only)
Hear real world case studies showcasing the value of partnering with the right security and risk provider.
Attend one session:
Code42: How Crowdstrike automated microtrainings to change behavior and prevent data loss
Join us to learn how to stop data loss by addressing employee behavior. Discover why an effective response strategy must account for risk severity, and get practical tips for implementing response controls accordingly. We’ll showcase how Code42 customer Crowdstrike used automated microtrainings to correct frequent employee mistakes, which reduced event triage for their security team, and drove data loss events down for the business.
Speakers:
Maria Izurieta, Chief Financial Officer, Code42
KnowBe4: Putting Humanity into Your Human Risk Management Program
Security teams are beginning to appreciate the importance of building a strong human defense layer. As a result, most organizations have adopted some form of security awareness, behavior, and culture program. But there is a complication: in building these people-focused programs, security teams often forget that people are, by nature, relational beings. This session provides practical guidance for understanding, managing, and maturing your program to best foster a positive relationship and culture.
Speakers:
Perry Carpenter, Chief Evangelist and Strategy Officer, KnowBe4
ManageEngine: Debunking Zero Trust Myths with a Real Strategy for Cybersecurity
The concept of Zero Trust has garnered significant attention in the realm of cybersecurity in recent years. While Zero Trust is often touted as a revolutionary approach to safeguarding digital assets, it’s essential to critically examine and understand the principles and practical strategies involved. In this session, we’ll delve into the Zero Trust hype and unveil the genuine strategies that underpin this cybersecurity framework.
Speakers:
Sagay Joseph, Regional Technical Head (Strategic Accounts), ManageEngine
OneTrust: Take a data-centric approach to increase third-party risk visibility
As businesses rapidly expand their use of third parties, risk leaders are being forced to re-think their approach to third-party risk management. By taking a data-centric and cross-functional approach to risk evaluation, third-party programs can drive efficiencies across the management lifecycle to foster a resilient, transparent, and scalable third-party ecosystem. In this session, we will review best practices to optimize third-party workstreams and showcase key outcomes from OneTrust customers.
Speakers:
Chris Paterson, Senior Director of Strategy Third Party Management, OneTrust
Nicholas Geyer, Product Marketing Manager, Third-Party Management, OneTrust
ELE Lunch Keynote: A CISOs Guide To Building A High-Performing Security Team
Join your ELE peers to discover the essential strategies for assembling and leading a high-performing security team in today’s dynamic threat landscape. This lunch session with Jacobs Head of Security, Raj Badhwar and Forrester’s VP and Principal Analyst Jinan Budge will dive into the critical components of team building and leadership that every CISO needs to know. Learn how the team at Jacobs is tackling the business needs of today while taking the steps to build the security team of tomorrow. This session will cover:
- Identifying and attracting top cybersecurity talent that might otherwise be overlooked.
- How CISOs can nurture a collaborative security culture.
- How security teams can foster a more inclusive environment and community for all.
Speakers:
Raj Badhwar, Vice President, Global Head of Cybersecurity , Jacobs
Jinan Budge, VP, Principal Analyst, Forrester
CISOs As Closers: Win Business, Close Deals
Contributing to revenue generation is always better than being a cost center, especially during a downturn. Today’s cybersecurity programs help win and retain business by aligning investment and implementing controls to meet the requirements of three key constituencies: customers, cyber insurers, and regulators. But security leaders often fail to adequately quantify — and evangelize — these contributions. This session will help security leaders drive growth and:
- Differentiate their organization’s products or services on trust.
- Measure security’s impact on customer acquisition activities.
Speakers:
Jeff Pollard, VP, Principal Analyst, Forrester
Case Study Sessions (In-Person Only)
Hear real world case studies showcasing the value of partnering with the right security and risk provider.
Attend one session:
Cisco: SSE: Potential Benefits, Hype, and Reality
Security Service Edge is a hot topic because of the powerful set of potential benefits, but like any new concept, there are multiple interpretations and unsubstantiated hype as well. Join us for a discussion about what organizations are looking for in an SSE solution, what some of the pitfalls have been so far, and what CDW and customers have learned about SSE and Secure Access.
Speakers:
David Gormley, Product Marketing Leader, Cisco
Jeremy Weiss, Executive Security Strategist, CDW Security
CyberProof: Unraveling the risks: Building a next-gen, cloud-native SOC
As enterprises embrace cloud transformation, security teams must not only adapt, but also stay ahead of their organizations. The transition of a Security Operations Center (SOC) to a cloud-native environment can be fraught with challenges and may lead to disastrous consequences if not executed properly. We will discuss about the challenges associated with cloud-native SOC implementation, with a special focus on cost-related concerns, and offering practical solutions.
Speakers:
Eran Alsheh, Chief Technology Officer, CyberProof
Eric Brooks, Senior CyberSecurity Manager, Ferguson
IBM: How IBM Security & Meijer have evolved from clients into partners on a mission to secure the future
The essence of a partnership is connection and commitment. Over the years, IBM Security has worked with Meijer solving various complex security issues and helping both organizations grow and mature their security posture however that is has not been a one-way street. Thanks to feedback and insights from Meijer, IBM Security has improved their ability to deliver customized and impactful security products and services. Join this session to learn how IBM Security and Meijer have evolved to co-collaborators with a vested interest in each other’s success and some big security wins across the board!
Speakers:
John Dwyer, Head of Research, X-Force, IBM
Philip Keibler, Vice President, Chief Information Security Officer, Meijer
ThreatLocker: Do You Know What's In Your Systems?
Using actual [redacted] customer endpoint data, ThreatLocker VP of Solutions Engineering Ryan Bowman will review what we found on their systems. With this Health Report of mitigation recommendations, you’ll learn what the customer learned and how the customer reacted. Would you do the same? Ryan will share best practices for prioritizing action and strategies to harden your environment.
Speakers:
Ryan Bowman, VP of Solutions Engineering, ThreatLocker
A Decade Of Hype: Secure Zero Trust's Future Amid Executive Fatigue
From its humble network beginnings in 2009 to its current status as a model recognized and mandated by governments across the globe, Zero Trust is now a modern security architecture blueprint for enterprises. But senior executives are still used to projects with defined stop and start dates, and Zero Trust is an ongoing endeavor. This session will help security leaders anticipate this pushback and explain the next phase of their Zero Trust journey. Attend this talk to learn how to:
- Explain that deploying Zero Trust was just the starting point.
- Anticipate and adapt to Zero Trust fatigue in the C-suite.
Speakers:
Jinan Budge, VP, Principal Analyst, Forrester
Marketplace Break (In-Person Only)
Marketplace breaks are your chance to connect with sponsors and catch up with colleagues on the show floor.
Check out our Sponsor Spotlights to learn more about the next great solution for your team. See below for the list of spotlights during this time.
Attend one session:
3:40pm - 3:50pm - Venafi: Crafting a Compelling Cybersecurity Story in 10 Minutes
In today’s fast-paced world, quickly capturing someone’s attention and conveying complex information can be challenging. This presentation will teach you how to effectively tell your cybersecurity story in just 10 minutes, with value cards, making a lasting impact on your audience. We’ll explore techniques for distilling complex cybersecurity concepts like zero trust into easily digestible narratives. Whether you’re presenting to executives, potential customers, or at a conference, you’ll learn how to create a concise, compelling story highlighting cybersecurity’s importance and showcasing your solutions’ value. By the end of this presentation, you’ll have the basic concept and confidence to deliver a powerful, persuasive cybersecurity story that leaves a lasting impression, no matter how limited your time may be.
Speakers:
Nick Curcuru, Head of Solutions Marketing, Venafi
3:55pm - 4:05pm - Binary Defense: Understanding Managed Detection & Response
To choose an MDR solution, prioritize vendors that combine technology with human expertise and offer real-time threat detection, analysis, and response. Consider features like threat intelligence, detection engineering, security operations center (SOC), continuous security posture improvement, and relevant metrics. Be sure to ask relevant questions in the selection process to ensure prospective vendors can deliver on the necessary specifications.
Speakers:
Joe McMann, Head of Cyber Services, Binary Defense
4:10pm - 4:20pm - Brinqa: Precisely Reduce the Vulnerabilities that Matter with Brinqa
Impossible backlogs, fragmented visibility, ownership complexity, and unmotivated stakeholders frustrate both vulnerability management teams and the remediation teams asked to fix security issues. This leads to wasted time and more residual security risk on a continuous basis while still incurring development and IT costs to fix low risk vulnerabilities. Escape this lose-lose scenario with Brinqa, which helps you unify, prioritize, remediate, and report on disparate security findings with risk context from a single platform.
Speakers:
Aaron Marzullo, Sales Engineer, Brinqa
Forrester Security And Risk Enterprise Leadership Award
Welcome to the highly anticipated Forrester Security And Risk Enterprise Leadership Award, the only assessment dedicated to recognizing excellence in security, privacy, and risk strategy, integral to building a trusted and resilient business.
In this session, we will announce the winner of this year’s award and hear how they continually build trust with customers, employees, and partners.
Speakers:
John Cadavid, Global Chief Information Security Officer , Barclays
Matt Reiley, Director for US Cyber Operations , Barclays
Joseph Blankenship, VP, Research Director, Forrester
Jess Burn, Principal Analyst, Forrester
Keynote: Adapt And Adopt: Balance The Acute Risk With The Burgeoning Reward Of AI
AI entered the cybersecurity lexicon as a buzzword. Years later, it is poised to change the way the enterprise operates and has overtaken the agenda of cybersecurity leaders. AI’s massive risk and incredible opportunity are forcing security leaders and their teams into a balancing act of enterprise enablement for a new, evolving, and complex technology. In this keynote, we will do a deep dive on the risks, threats, and opportunities AI brings. Attend this session to delve into how:
- Cybersecurity can be instrumental in securing the big bets your enterprise makes on AI.
- You can enable the business to use AI securely.
- AI will change the way security operates.
- Adversaries will leverage AI.
- You can encourage your security practitioners to question, adopt, and trust AI.
Speakers:
Allie Mellen, Principal Analyst, Forrester
Jeff Pollard, VP, Principal Analyst, Forrester
ELE Exclusive Reception: Meet and Greet Security & Risk Keynotes
Enjoy this opportunity to further engage with peers met during the ELE program.
Wednesday Nov 15
Keynote: Build A Modern Product Security Team
Modern and future fit technology organizations transform technology to support their organization’s business strategy. Those hoping to evolve from traditional to modern or future fit must adopt a technology strategy that enables adaptivity, creativity, and resilience — but they won’t get there unless the product security team embraces those principles, too. This session will discuss:
- What it means to be future fit — and what a product security team looks like in a modern tech or future fit tech organization.
- How to evolve your product security strategy from traditional to modern … and from modern to future fit.
Speakers:
Sandy Carielli, Principal Analyst, Forrester
Guest Keynote: Going All-In On Zero Trust – The How And Why Behind The Government’s Strategy
In 2022, The White House Executive Order 14028 and Office of Management and Budget (OMB) memo OMB M-22-09 mandated that federal agencies adopt Zero Trust by 2024. Since then, federal agencies have rushed to learn about and implement Zero Trust architecture across their environments. Chris DeRusha, Federal Chief Information Security Officer and Deputy National Cyber Director will share why the federal government chose Zero Trust as its chosen security model, what it learned from the executive order, and how the implementation is going. Government and private sector security leaders should attend this session to learn:
- Why the US federal government chose Zero Trust as its de-facto security strategy.
- What government security leaders have learned so far, including pushback, obstacles, and wins.
- How organizations doing business with the federal government are also impacted.
- How to track progress in your own Zero Trust journey.
Speakers:
Chris DeRusha, Federal CISO & Deputy National Cyber Director, Office of Management and Budget, Office of the National Cyber Director
Marketplace Break (In-Person Only)
Marketplace breaks are your chance to connect with sponsors and catch up with colleagues on the show floor.
Check out our Sponsor Spotlights to learn more about the next great solution for your team. See below for the list of spotlights during this time.
Attend one session:
10:15am - 10:25am - LastPass: Navigating the Passwordless Evolution with LastPass
With over 80% of breaches stemming from compromised login credentials, passwords have evolved from a solution to a glaring problem. In the midst of the compromised credentials crisis, eliminating passwords may seem like the obvious step, but the journey is far from straightforward. Brace yourself for a game-changing perspective with LastPass as we dissect the passwordless evolution, revealing how distinguishing between a mere ‘experience’ and a true ‘solution’ can turbocharge your transition
Speakers:
Scott Ritter, Account Executive, LastPass
10:30am - 10:40am - Sonatype: AI's Impact in Software Development: Navigating Governance, Copyright, and Compensation Complexities
While artificial intelligence (AI) and machine learning (ML) technology has become more accessible than ever, there are still significant looming questions about its usage in software development. Should organizations be responsible for regulating the use of AI? Who holds copyright ownership for AI-generated code based on open source? How should developers be compensated for code used in large language models (LLMs)? In this talk, Dr. Stephen Magill, VP of Product Innovation at Sonatype, explores these questions and more, providing data-backed best practices for mitigating risk, implementing automation, and integrating AI in the software supply chain.
Speakers:
Dr. Stephen Magill, VP of Product Innovation , Sonatype
10:45am - 10:55am - Recorded Future: Reducing Operational Risk with Threat Intelligence
1 in 5 organizations have experienced a significant outage in the last three years that negatively affected their reputation, revenue, and compliance adherence. Learn from Recorded Future experts how threat intelligence can be a force multiplier, enabling security teams to strengthen their defenses, enhance operational workflows through automation, and mitigate the impact of attacks such as ransomware.
Speakers:
Ellen Wilson, Manager, Product Marketing, Recorded Future
Skills That Cybersecurity Programs Need In The Next Five Years
Sometimes cybersecurity talent strategies feel like a game of whack-a-mole or buzzword bingo, as security teams are forced to learn skills based on the latest and greatest acronym in the industry. CISOs need a talent strategy that factors in current skills, innovative technologies, and the time horizon available to cultivate these skills and avoid forcing practitioners to scramble through courses and certifications to fill gaps. This session will help security leaders:
- Develop training plans and career paths that challenge — and retain — top talent.
- Invest in the right resources for continual upskilling.
Speakers:
Jess Burn, Principal Analyst, Forrester
Case Study Sessions (In-Person Only)
Hear real world case studies showcasing the value of partnering with the right security and risk provider.
Attend one session:
Akamai Technologies: Revisiting Defense In Depth: A New Approach
As cyberattacks increase and become more effective, the Defense in Depth security strategy is no longer realistic. In this case study, we explore a new take on an old tactic and how one company with a growing attack surface, number of products, vendors, and security gaps took defense in depth to mean a ‘depth of coverage’ against the modern attack sequence. Learn their strategy for stopping sophisticated attacks against their modern infrastructure.
Speakers:
Dan Petrillo, Director, Product Marketing, Akamai Technologies
Coalfire: Successfully Meet Emerging Risks & Compliance Requirements for Tech and Enterprises
From the boardroom to the cloud, CISOs face unprecedented challenges – from avoiding or managing a security event to protecting the company’s reputation and mitigating increasing and evolving risks. Learn how some of Coalfire’s top customers achieved a distinct competitive advantage by embracing innovative cybersecurity approaches that leverage threat-informed offensive approaches, proactive compliance processes, and long-term, business-aligned strategies.
Speakers:
Tom McAndrew, CEO, Coalfire
Microsoft: AI: Defending at machine speed with Microsoft Security
Learn about Microsoft security’s zero trust principles, and how new generative AI capabilities build on them to deliver a more optimized security operations experience. We’ll review how Microsoft Security Copilot works with SIEM and XDR to help defenders respond to threats quicker, level up and gain a greater understanding of the threat landscape.
Speakers:
Omar Turner, General Manager, Northeast CSU (Customer Success Unit) Security Leader, Microsoft
Alex Klausner, Sr. Product Marketing Manager, SCI Security
Uptycs: How IBM secured its internal ecosystem of Linux on IBM Power, Z mainframe, and AIX-based assets
Join the conversation as IBM reveals how it has successfully modernized and secured this vital ecosystem unlocking the ability to both migrate legacy workloads as well as develop hybrid cloud and container-based applications. Learn advanced techniques for proactive threat detection, prevention, and response, enabling you to fortify the security of your IBM Power Systems and Z mainframes for your own app modernization and digital transformation efforts.
Speakers:
Adrian Wreh, Sr. Manager Platform Operations, IBM
Dan Dearing, Sr. Director Product Marketing, Uptycs
ELE Lunch Keynote: A Q&A With The Security & Risk Enterprise Leadership Award Winner
Hear the “behind the scenes” story of the Forrester Security & Risk Enterprise Leadership Award Winner and ask your questions about the journey that led to the award and the winner’s perspective on the road ahead.
Speakers:
Matt Reiley, Director for US Cyber Operations , Barclays
John Cadavid, Global Chief Information Security Officer , Barclays
David Levine, VP, Executive Partner, Forrester
Look Overseas For What’s Next In US Cybersecurity Regulation
In recent years, authorities overseas have stepped up their game and innovated when it comes to cybersecurity regulation. Legislative and regulatory activity indicates the same will happen here, using European regulations as inspiration for US requirements. Staying up to speed on what happens in Europe on the regulatory front will better prepare security leaders and their programs to drive the investment and change management necessary to protect and grow revenue via compliance. This session will help you:
- Understand what elements of European regulations may find their way into US legislation.
- Learn from European security programs’ compliance and change management challenges.
Speakers:
Madelein van der Hout, Senior Analyst, Forrester
Case Study Sessions (In-Person Only)
Hear real world case studies showcasing the value of partnering with the right security and risk provider.
Attend one session:
DigiCert: Preparing for a Quantum-Safe Future
Quantum computing is an existential threat to current security measures. Join this session for expert perspectives on quantum computing timelines, a look at survey data examining what companies are doing today to prepare, and an overview of how you can get started today on strategies that will provide the agility and efficiency you need to navigate successfully through this industry change.
Speakers:
Deepika Chauhan, Chief Product Officer, DigiCert
Mastercard: How Cyber Risk Quantification Implementation Benefits Fidelity Investments
It takes time and effort to build trust, and a minor misstep can break that trust. In today’s connected economy, every transaction and interaction within a company has an element of technology. Protecting these interactions is essential to manage trust; organizations do this by managing technology risks. In this session, Fidelity’s cybersecurity leader will share how they leverage cyber risk quantification to help make technical and business decisions, in collaboration with Accenture and Mastercard.
Speakers:
Urooj Burney, Global Head of Risk & Resilience Services, Mastercard
Larry Lipsey, VP, Cyber Policy & Controls Leader, Fidelity Investments
William Beer, Northeast Security Lead, Accenture
Zscaler: Unleash the Full Power of Secure Digital Transformation
Every age is accompanied by new, special demands for the decision-makers who steer the fortunes of companies. In recent years, business success has become intrinsically linked to IT infrastructure and seamless and secure connectivity is the key to unlock innovation and accelerate business outcomes. To reach this state, enterprises are transforming their networks and security to a zero trust architecture, thereby reducing risk, eliminating cost and complexity and increasing agility.
Join this session to learn:
- How zero trust architecture secures users, workloads, IoT/OT devices, and your business partners by addressing critical security shortcomings of legacy network architecture
- How zero trust architecture secures users, workloads, IoT/OT devices, and your business partners by addressing critical security shortcomings of legacy network architecture
- How to reduce network complexity without exposing your organization to new risks
- The key steps in a phased secure digital transformation journey as well as proven advice to drive the mindset and cultural change required
Speakers:
Dhawal Sharma, SVP, Product Management, Zscaler
Rob Wenier, Global Head of Cloud and Infrastructure, AstraZeneca
Marketplace Break (In-Person Only)
Marketplace breaks are your chance to connect with sponsors and catch up with colleagues on the show floor.
Check out our Sponsor Spotlights to learn more about the next great solution for your team. See below for the list of spotlights during this time.
Keynote: Digital Identity And Fraud In The Age Of AI
The age of AI is upon us, with the potential to upend and transform many existing markets. Identity and fraud are not immune to AI’s effects, whether it is AI-generated deepfakes launching social engineering attacks to evaluating real-time access data to identify anomalous identity activity. Managing identity and fraud in the age of AI will require a new mindset and strategy to ensure that the business remains protected while maintaining trust and seamless digital experiences for customers, employees, and partners. In this session, Merritt will review how:
- AI is influencing identity and fraud.
- Organizations should prepare to evolve their IAM programs to operate efficiently in the age of AI.
Speakers:
Mary Faulkner, VP, CISO and VP of IT Operations, Thrivent
Upendra Mardikar, CISO, TIAA
Sarah Nur, Associate Chief Information Officer for Cybersecurity and Treasury Chief Information Security Officer, U.S. Department of the Treasury
Merritt Maxim, VP, Research Director, Forrester
Keynote: AI Ethics And Compliance: Risk Hell, Settle For Purgatory, Or Enter Paradise
From Europe to the US and AP, the regulatory machine is spinning. Everybody agrees on the need to regulate AI, no one knows how to do it, and you are in charge of ensuring risks are under control. It will be a perilous and uncertain journey, but the opportunity to shape a trusted and ethical approach to AI is yours and the time is now. This session will:
- Explore the upcoming principles and regulations that will define AI risk practices of the future.
- Illustrate emerging best practices for building and executing AI governance frameworks.
- Give you guidance on what to do next.
Speakers:
Enza Iannopollo, Principal Analyst, Forrester
Tuesday
Nov 14- 9:00 am – 5:30 pm ET AI-focused Sessions
Wednesday
Nov 15- 9:00 am – 4:20 pm ET AI-focused Sessions
Tuesday Nov 14
Keynote: Adapt And Adopt: Balance The Acute Risk With The Burgeoning Reward Of AI
AI entered the cybersecurity lexicon as a buzzword. Years later, it is poised to change the way the enterprise operates and has overtaken the agenda of cybersecurity leaders. AI’s massive risk and incredible opportunity are forcing security leaders and their teams into a balancing act of enterprise enablement for a new, evolving, and complex technology. In this keynote, we will do a deep dive on the risks, threats, and opportunities AI brings. Attend this session to delve into how:
- Cybersecurity can be instrumental in securing the big bets your enterprise makes on AI.
- You can enable the business to use AI securely.
- AI will change the way security operates.
- Adversaries will leverage AI.
- You can encourage your security practitioners to question, adopt, and trust AI.
Speakers:
Allie Mellen, Principal Analyst, Forrester
Jeff Pollard, VP, Principal Analyst, Forrester
Wednesday Nov 15
Breakout: A Modern DLP Approach Works For Everything From Zero Trust To GenAI
Data loss prevention (DLP) features and capabilities are included in many security offerings, and DLP still exists as a standalone product. But it is also an approach that does not necessarily require the use of DLP technologies to achieve the outcome of enforcing DLP policies. Whether you are contemplating replacing your traditional DLP solution or deploying DLP capabilities for the first time, you are navigating a new technology landscape. In this session:
- Learn how a modern approach to DLP aligns with a Zero Trust approach.
- Examine considerations for your DLP roadmap for concerns like generative AI and insider threats.
Speakers:
Heidi Shey, Principal Analyst, Forrester
Keynote: Digital Identity And Fraud In The Age Of AI
The age of AI is upon us, with the potential to upend and transform many existing markets. Identity and fraud are not immune to AI’s effects, whether it is AI-generated deepfakes launching social engineering attacks to evaluating real-time access data to identify anomalous identity activity. Managing identity and fraud in the age of AI will require a new mindset and strategy to ensure that the business remains protected while maintaining trust and seamless digital experiences for customers, employees, and partners. In this session, Merritt will review how:
- AI is influencing identity and fraud.
- Organizations should prepare to evolve their IAM programs to operate efficiently in the age of AI.
Speakers:
Mary Faulkner, VP, CISO and VP of IT Operations, Thrivent
Upendra Mardikar, CISO, TIAA
Sarah Nur, Associate Chief Information Officer for Cybersecurity and Treasury Chief Information Security Officer, U.S. Department of the Treasury
Merritt Maxim, VP, Research Director, Forrester
Keynote: AI Ethics And Compliance: Risk Hell, Settle For Purgatory, Or Enter Paradise
From Europe to the US and AP, the regulatory machine is spinning. Everybody agrees on the need to regulate AI, no one knows how to do it, and you are in charge of ensuring risks are under control. It will be a perilous and uncertain journey, but the opportunity to shape a trusted and ethical approach to AI is yours and the time is now. This session will:
- Explore the upcoming principles and regulations that will define AI risk practices of the future.
- Illustrate emerging best practices for building and executing AI governance frameworks.
- Give you guidance on what to do next.
Speakers:
Enza Iannopollo, Principal Analyst, Forrester
Digital Content
Nov 14- 9:00 am – 6:00 pm ET Digital-Only Sessions
Digital Content Nov 14
Embracing Diversity As Your Key For Growth: A Few Practical Steps!
Diversity, Equity and Inclusion (“DEI”) are key concepts at the forefront of many corporations’ agendas today. The need for a more inclusive workspace is not new, but corporations are now recognizing trends in the correlation between a diverse/inclusive workspace and greater staff retention and productivity. This session provides an easy-to-follow pathway that helps get any company past the initial step (of what is often viewed unfavorably as ‘requisite diversity training’) and around the most common traps that stop companies from maintaining best practices.
- How to ‘jump right in’ and identify specific areas for program enhancement. Don’t get lost in the too-big picture!
- Learn the three key components of the employee lifecycle for DEI incorporation.
- Discover how a stronger DEI program can lead to team and company maturity.
- Recognize the most common traps: where attempts to be inclusive go wrong with most corporations.
- Act upon two things you can do to improve immediately/today.
Speakers:
Jade Johnson, Owner, JadeInclusion
Build A Better Listening Strategy To Inspire And Enable Your Employees
Gone are the days when leaders stood in front of their followers and told them what matters. Modern leaders engage their teams to learn from them, and with them, what matters in business and for customers. But that can only happen with a more purposeful listening strategy. In this session, attendees will learn:
- What listening is and why it plays the largest role in an organization’s approach to employee input.
- How listening is a productive, rather than merely reactive, tool for improving the business.
- Why successful leaders will be known as much for what they learned as what they said.
Speakers:
David Johnson, Principal Analyst, Forrester
Earning Excellence: How Managers Can Inspire And Enable Sustained Excellence
Energy and engagement are finite resources that are essential to achieving business results. One of the challenges that organizations and leaders face is that these resources have been depleted for many of their employees due to a lack of strategies to refresh and sustain that energy. In this session, we will:
- Define “tired rock stars” — high-engagement contributors who are at risk of burning out.
- Guide leaders to see the tired rock stars in their ranks (including, possibly, themselves) and understand them more clearly.
- Share how leaders can sustainably earn excellence from their talent.
Speakers:
Jonathan Roberts, Senior Analyst, Forrester
How Primary Drivers Behind Accessibility Statements are Shifting to Attracting and Retaining Talent
Compliance and avoiding lawsuits are no longer the primary driver behind enterprise accessibility statements. This panel will discuss the shift of firms citing that “attracting and retaining talent” as the top driver behind their accessibility commitments. During this session, we will discuss:
- The myths of providing accommodations, and how to manage an increasing number of requests from employees
- How companies are personalizing their employee value proposition at scale
- Why a “one size fits all” approach no longer works and how having a strong, accessible culture can be the difference between a productive employee base vs. an unsatisfied one.
Speakers:
Sarah Bernard, Co-Founder and Chief Operating Officer, Inclusively
Charlotte Dales, Co-Founder and CEO, Inclusively
Gina Bhawalkar, Principal Analyst, Forrester
Resilience, Growth Mindset And Self-Care: A Leadership Journey
A personal & professional journey that has seen this Product Leader succeed across multiple industries, geographies and at the intersection of technological & business disruption. In this fireside chat, Ash Mukherjee will discuss with Monica Carlesso how she has grown as leader by embracing curiosity and displayed grit to open to be constantly out of the comfort zone, yet has learnt how self-care is key to leadership and a sustainable growth. Modern leadership is about embracing change and dichotomies, both as strategic business levers but also to lead compassionately through massive societal changes and Monica will share her story with Ash.
During this session, we will discuss:
• A product leader’s journey across different industries and geographies, exploring challenges and implications
• How to overcome the bumps of a growth journey with curiosity, grit and self-care.
Speakers:
Monica Carlesso, Head of Product Identity & Authentication , Lloyds Banking Group
Ash Mukherjee, Solution Partner, Forrester