Leadership, Security Program Controls/Technologies, Threat Management

AI, threat intelligence and CISO-vendor partnerships: The Seattle CyberRisk Leadership Exchange

Men and women in business attire sitting at round tables listen to a speaker on a podium in a hotel conference room.

The Seattle CyberRisk Leadership Exchange organized by the Cybersecurity Collaboration Forum, held in Bellevue, Washington on Wednesday, May 3, explored more than a dozen topics in enterprise cybersecurity, including how to deal with artificial intelligence, countering new nation-state threats and how to find the right technology partners.

About 125 CISOs, CIOs, risk-management leaders and other cybersecurity and risk professionals from the Pacific Northwest gathered at the Hyatt Regency Bellevue to attend four keynote presentations, four lightning talks and seven closed-door boardroom discussions.

Attendees were asked to adhere to the Chatham House Rule to encourage free and open discussion. After the event, participants could share with outsiders what was said at the Leadership Exchange, but could not disclose who said it.

How to handle AI

Generative AI and how to use and secure it was the topic of one keynote as well as a boardroom session. The keynote consisted of a panel discussion among Mary Gardner, CISO of The Greenbrier Companies, a railcar manufacturer in Lake Oswego, Oregon; Vikram Rao, Chief Trust Officer at Salesforce; and Dan Vickery, CISO at Precision Castparts, an aircraft-parts manufacturer in Portland, Oregon.

It was moderated by Mike Britton, CISO of Abnormal Security, which also sponsored the keynote, and focused on the risks and opportunities afforded by AI, including how to leverage it appropriately.

Other boardroom sessions dealt with optimizing security budgets, communicating with corporate boards, fostering cybersecurity talent, adapting to SaaS technologies, redesigning identity and access management and monitoring attack surfaces.

Unwitting nation-state targets

The closing keynote, "Navigating Nation-State Threats in a New Era of Strategic Competition," was sponsored by Strider Technologies, a Utah-based startup that uses open-source threat intelligence and email monitoring to identify potential Russian or Chinese corporate espionage.

Strider Co-Founder and CEO Greg Levesque, accompanied by Salesforce VP of Insider Threats Chase Kilburn and Salesforce SVP of Security Operations William McMillan, told the audience that even companies that consider themselves insulated from geopolitical concerns can find themselves targets of nation-state spying.

Finding the right technology partner

But it was the topic of CISO-vendor relations that dominated the other two keynotes.

The opener, "CISO Seeking a Technology Partner Who Just Gets It", involved Dr. Adrian Mayers, VP & CISO of Premera Blue Cross and Mic McCully, Field CTO at Snyk, which sponsored the keynote.

Mayers grilled McCully as if they had met through a matchmaking app and were on a get-to-know-you first date — except that the relationship whose boundaries they were trying to define was between an enterprise client and a prospective technology provider.

The idea was that a client-provider relationship, if successful, can become an intimate partnership in which both sides benefit from a deep understanding of the other partner.

 The lunchtime keynote featuring Aubrey Turner, Executive Advisor at Denver-based Ping Identity (which also sponsored the keynote), and Sean Murphy, SVP and CISO at Seattle-area-based BECU, showcased a mature, successful relationship of exactly this sort.

What began as a simple customer-vendor agreement between Ping Identity and BECU, the fourth-largest credit union in the U.S., has evolved into a close-knit partnership in which Ping's IAM services empower BECU's growth and business activities.

In such arrangements, the security vendor is no longer just a plug-and-play provider, but an active participant whose resources are leveraged for the fullest return on investment.

The next Cybersecurity Collaboration Forum event in Seattle will be a CyberRisk CISO Dinner at the end of September, but there will be a CyberRisk Executive Boardroom event in Portland, Oregon, on June 8.

For more information on the Cybersecurity Collaboration Forum, including how to attend a CyberRisk Leadership event in your area, please visit https://www.cybersecuritycollaboration.com/.

Many thanks to Megan Gerard and Drew Klinsing of the Cybersecurity Collaboration Forum.

Paul Wagenseil

Paul Wagenseil is a custom content strategist for CyberRisk Alliance, leading creation of content developed from CRA research and aligned to the most critical topics of interest for the cybersecurity community. He previously held editor roles focused on the security market at Tom’s Guide, Laptop Magazine, TechNewsDaily.com and SecurityNewsDaily.com.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.