Parham Eftekhari

Parham Eftekhari

CyberRisk Alliance
Executive Vice President, Collaboration

Parham Eftekhari is a recognized business executive in the information security sector with a lifelong passion for leadership, and community engagement. His expertise spans critical infrastructure technology and policy, business strategy and operations, executive advising, and thought leadership content initiatives.

Parham has published over a dozen information security reports, regularly engages with the media, and has contributed to countless briefings and events at institutions including TEDx, Congress, the World Bank, RSA, IFA+, (ISC)2, C-SPAN, and the Institute for Critical Infrastructure Technology (ICIT).

Cybercast
The increased complexity of malicious actors’ techniques demand CISOs stay one step ahead of the threat landscape while still preparing for potential worst-case scenarios. Join this panel discussion to learn the steps CISOs can take to minimize the impact of a ransomware attack. The discussion explores: The latest adversarial trends a...
More info
Cybercast
Threat actors never stop working and employing new tools to hold your data hostage and take your business down. Attack vectors are often multifaceted and evasive. And the risk of reinjecting vulnerabilities, compromised accounts, and other attack artifacts back into your environment is a pervasive threat. Compared to previous data exfiltration att...
More info
Cybercast
With the potential of cost savings, reduced operational complexities, and speed to market, many organizations are migrating from on-premises and third-party data centers to Cloud computing environments.  However, accompanying these “cloud first” strategies are many challenges that include protecting confidential data and operating new securit...
More info
Cybercast
The secure and efficient administration of user and technology identities across multiple Cloud and on-premises environments has been a challenge for organizations. Consequently, many CISOs are examining new Identity Governance and Administration (IGA) platforms and authentication mechanisms, which will involve large investments and implementation...
More info
Cybercast
In today’s digital enterprises, identity-centered security is critical to reduce vulnerable attack surfaces, but implementation or rearchitecting efforts can be costly, burdensome to security teams, and create friction for users. In this panel discussion, CISOs share their IAM implementation and maturation best practices and lessons learned alo...
More info
Cybercast
The frequency of data breaches and leaks in 2023 has surpassed cyber incidents from the past five years, highlighting the necessity for strong cybersecurity frameworks. In his discussion, Bart Falzarano, Head of Information Security at Bitwarden, will highlight the critical role of Zero Trust architecture in enhancing Identity Access Management (I...
More info
Cybercast
The embrace of SaaS and operating in multi-cloud environments creates an expansive and dynamic attack surface, making it difficult for security teams to maintain visibility into and understand risk levels. And with the protection of sensitive data now a shared responsibility between security teams and providers, CISOs have additional consideration...
More info
Cybercast
Generative AI has taken over the conversation and, in time, will be transformative to the cyber industry and our society. But the models are still in development, and ultimately, CISOs must discern the appropriate places to leverage AI tools to help their company as well as define the acceptable risks and proper usage.  This panel discussi...
More info
Cybercast
Managing the scope and complexity of third-party relationships can be a highly manual, time-consuming task for many security teams, and even after this effort effectively mitigating supply chain vulnerabilities remains one of the greatest threats to an organization’s security. In this panel discussion, security leaders share current approaches, ch...
More info
Cybercast
The unique characteristics of OT systems – legacy equipment, long lifecycles, and the convergence with IT networks – complicates deploying traditional security approaches. And these inherent weaknesses in OT environments create a low-hanging and potentially lucrative target for threat actors, making it critical that security teams take steps to en...
More info
Cybercast
Securing Operational Technology is a challenge for many organizations that depend on the continual availability of ICS/SCADA systems to manufacture their products. For example, maintenance windows for security patches are often hard to find and raise concerns about ““breaking”” systems. Furthermore, OT systems require Internet access and, therefor...
More info
Cybercast
By operating Records & Information Management (RIM) functions, data security and lifecycle management practices have been employed by organizations even before computing became the norm.  However, these practices are continually stretched to keep pace with new technologies, like AI, which can pose threats to data confidentiality and integ...
More info
Cybercast
The rapid expansion of digital capabilities has moved sensitive data into various ecosystems, creating additional risk and compliance concerns for organizations. In this panel discussion, security leaders share their approach to striking the right balance of protecting data while enabling information sharing and innovation.   The discussio...
More info
Cybercast
CISOs strive to develop and use security metrics as an objective way to: (1) portray the state of their security programs; and (2) effect positive change to security controls, like patching within SLAs and improving phishing email awareness. However, they are challenged by data collection difficulties, limitations of reporting tools, and uncertain...
More info
Cybercast
Determining the most relevant cybersecurity metrics has long been discussed, but as high-profile attacks and regulatory scrutiny increases, effectively monitoring the progress and continued risk in a security program is paramount. In this panel, CISOs share their challenges and experiences implementing and expanding a metrics program and offer ins...
More info
Cybercast
Key objectives of a governance, risk, and compliance program (GRC) are to ensure that the cybersecurity program has appropriate oversight, identifies and addresses cyber risks, and complies with all applicable laws and regulations. GRC functions shape cybersecurity program components and its principal functions to reduce risk and meet all complian...
More info
Cybercast
A robust GRC program fosters the ability to manage key risks and protect sensitive data, aligning security initiatives with organizational objectives; and ultimately allows the CISO to establish trust and confidence with key stakeholders. However, the constantly evolving regulatory landscape is resource intensive to manage and requires striking a ...
More info