Looking Back at the Reporting Line of the CISO

Combined Session
Thursday, November 11, 2021 14:00—15:00
Location: Historic Kassenhalle

Looking Back at the Reporting Line of the CISO

The Right Reporting Line is the One that Works. Period.

The reporting line of the CISO is probably one of the oldest topics of discussion amongst cyber security communities. But why are we still here talking about it? JC Gaillard, from Corix Partners, looks back at his experience of over 20 years on the matter and his various publications on the theme, and explains why the right reporting line is key to success for the CISO but separation of duties considerations cannot rule alone.

Jean-Christophe Gaillard
Corix Partners
Jean-Christophe Gaillard is the Founder and Managing Director of Corix Partners. He is a senior executive and a team builder with over 25 years of experience developed in several global financial...

Cybersecurity: Defence Is Made of Tools, Processes and Persons. How the Cyber Risk Estimations Changes if the Human Element Is Considered

In the speech, I'll talk about why COVID-19 forced cybersecurity experts to include the human element in the equation in a different way. I will start from my experience as scientific director of the EU project DOGANA (www.dogana-project.eu) on social engineering and will give an update on the implications of recent trends. In general, the defence is made of tools, processes and people. Tools and technologies evolve, processes improve (marginally), but people are always the same. If the average attack detection time does not drastically change, it means that the combined effects of the evolution of attacks and the improvement of tools compensate each other. If you want to reduce the detection time, you must intervene in processes and people. For years, effective defence plans considered the human element an integral part of the attack techniques. However, the defence and simulation strategies for both employees and defenders must also foresee the implications of human presence. Specifically, I will introduce the FSVA (Full Spectrum Vulnerability Assessment) methodology that we developed.

Enrico Frumento
Dr. Enrico Frumento is a Cybersecurity Senior Domain Specialist in the cybersecurity team at Cefriel, a European and privately funded research and innovation project on ICT Security. He is the...

Enhancing User On-Line Security With Improved Decentralized Identity Governance

Trust is essential for conducting secure transactions online. The ability of users to prove their identity in a secure and assured manner is essential for many high value transactions. In this talk we will provide an overview of a governance framework for enhancing trust in online transactions through the use of decentralized identity concepts.

Abbie Barbir
ADIA and FIDO Alliance
Abbie is an executive architect well versed in Enterprise Security Architecture (ESA), Identity Management, Web Services Security, Software Design, Data Encryption, Project Manager, Product...

