SANS CISO Networking Forum November 3, 2021

SANS CISO Networking Forum Agenda

Agenda is all in GMT (may be subject to change)
15:00-15:15 - Opening Remarks by James Lyne, CTO, SANS Institute Studio Guest: Dr Kevin Jones, Group CISO, Airbus
15:15-16:10 - Parsing Cyber Insurance: Is it a tool or a distraction? Speaker: Jason D. Christopher, SANS Certified Instructor Over the past 30 years, cyber insurance products have grown from a niche market to common conversations in the board room. With the accompanying rapid change in threats and regular headlines grabbing executives' attention, it is no wonder that companies are exploring its potential relief during and after a cyber incident. But is cyber insurance all that it is made up to be? Can it truly help your organization, or does it detract from your overall security program? Join us as Jason D. Christopher, a cyber risk advisor and SANS certified instructor, explores the nuances of insurance products and common misconceptions from the perspective of a former regulator, incident responder, and risk management executive. This session will highlight recent trends in the insurance market and provide insights on how companies have succeeded (and failed) in tapping its potential.
16:15-17:00 - Panel Discussion Speakers: Curtis Dukes EVP & GM, Center for Internet Security Tony Sager Senior VP & Chief Evangelist, Center for Internet Security Bob Dehnhardt, CISO, State of Nevada Sharif Gardner, Head of Training & Advisory Services, AXIS Capital Dr Kevin Jones, Group CISO, Airbus Phyllis Lee, Senior Director for Controls at Center for Internet Security Eric Tilds, Founder and Managing Member at techGC This panel will discuss the key critical issues facing organisations across the globe when implementing cyber insurance policies, to applying these policies to the real world and what that means for businesses. Is cyber security insurance really worth it or not? Are cyber-attacks really seen as an act of war and will insurance companies even pay out? What are the standards of reasonableness around much of the new breach and privacy legislation and insurance standards flooding the cyber industry? “How cybersecurity Insurance companies are starting to use the CIS Controls v8 (formerly the Critical Security Controls) to underwrite policies and adjust premiums, accordingly.” Guidelines for demonstrating adherence to a cyber standard
17:00 - Closing Remarks Speaker: James Lyne, CTO, SANS Institute

Agenda is all in GMT (may be subject to change)

15:00-15:15 - Opening Remarks by James Lyne, CTO, SANS Institute

Studio Guest:

Dr Kevin Jones, Group CISO, Airbus

15:15-16:10 - Parsing Cyber Insurance: Is it a tool or a distraction?

Speaker:

Jason D. Christopher, SANS Certified Instructor

Over the past 30 years, cyber insurance products have grown from a niche market to common conversations in the board room. With the accompanying rapid change in threats and regular headlines grabbing executives' attention, it is no wonder that companies are exploring its potential relief during and after a cyber incident. But is cyber insurance all that it is made up to be? Can it truly help your organization, or does it detract from your overall security program? Join us as Jason D. Christopher, a cyber risk advisor and SANS certified instructor, explores the nuances of insurance products and common misconceptions from the perspective of a former regulator, incident responder, and risk management executive. This session will highlight recent trends in the insurance market and provide insights on how companies have succeeded (and failed) in tapping its potential.

16:15-17:00 - Panel Discussion

Speakers:

Curtis Dukes EVP & GM, Center for Internet Security
Tony Sager Senior VP & Chief Evangelist, Center for Internet Security
Bob Dehnhardt, CISO, State of Nevada
Sharif Gardner, Head of Training & Advisory Services, AXIS Capital
Dr Kevin Jones, Group CISO, Airbus
Phyllis Lee, Senior Director for Controls at Center for Internet Security
Eric Tilds, Founder and Managing Member at techGC

This panel will discuss the key critical issues facing organisations across the globe when implementing cyber insurance policies, to applying these policies to the real world and what that means for businesses.

Is cyber security insurance really worth it or not?
Are cyber-attacks really seen as an act of war and will insurance companies even pay out?
What are the standards of reasonableness around much of the new breach and privacy legislation and insurance standards flooding the cyber industry?
“How cybersecurity Insurance companies are starting to use the CIS Controls v8 (formerly the Critical Security Controls) to underwrite policies and adjust premiums, accordingly.”
Guidelines for demonstrating adherence to a cyber standard

17:00 - Closing Remarks

Speaker:

James Lyne, CTO, SANS Institute

Speakers

Curtis Dukes

Dukes joined the National Security Agency in 1984 as a Computer Scientist. He served in a variety of organizations within NSA and earned the Distinguished Executive, Meritorious Executive, as well as Exceptional Performance and Meritorious Civilian Service Awards.

Learn More