Virtual Roundtable: CISO-DevOps 360 – DACH
9 September 2020
12:30-14:00 Central European Summer Time (CEST)
Implementing controls without telling anyone what to do?
*There is no cost to attend for in-house practitioners, CISOS, Developers, Heads of Architecture, Networks, Applications, CIOs… Places are limited to 15 guests for this event to maintain the focus of the discussion and to ensure the participation of all guests. Confirmations will therefore be done on a ‘first to confirm’ basis.
You are invited to attend this special virtual discussion, CISO-DevOps 360 Roundtable – Germany and Austria, developed specially for CISOs based in Germany and Austria that will be hosted virtually during lunchtime on Wednesday 9 September 2020. During the discussion you will benchmark operational security capabilities with peers. You will also learn from the experiences of veteran security researcher and a fellow CISO from Germany and Austria, how we can define and embed an agile approach to security to ensure that we work at the pace of digital product teams.
Hosted by Pulse Conferences, sponsored by Snyk, we will connect peers for an energetic debate on the practical approaches, realities, challenges and successes. All participants are encouraged to contribute throughout for this digital face to face benchmarking event. Your co-chairpersons for this discussion are fellow CISOs: Rainer Rehm, who is ISO of Zooplus AG the President of (ISC)² Germany Chapter, and former Information Security Officer at MAN, where he was responsible for the management of the Information Security Office and Information Security Management Systems to the Council for 5 years and Thomas Owen, Head of Information Security and Risk at Snyk.
Some of the comparative views that are sure to emerge around the virtual table include questions such as:
- How can we prevent vulnerabilities in application security?
- What is best practice when creating and developing containers?
- Secure development when working from home — tips and tricks. Read more here!
- How can we mitigate the risks of open source code and containers without hindering your dev team and application delivery?
- What are proven ways we can bridge the gap between projects and operations by using agile techniques in development, project management, and system administration?
The discussion is conducted under The Chatham House Rule of non attribution.
Clive Room, Director, Pulse Conferences will top and tail the discussion as your esteemed Master of Ceremonies.
Please see the approximate timings below for this very special event – a unique opportunity to compare. If you can accept, please click on the Register button to confirm your place at the virtual table!
We look forward to seeing you on Wednesday 9 September, 12:30-14:00 CEST for what promises to be an educational, memorable – as well as entertaining – discussion with peers!
Yours sincerely,
Team Pulse
Timings – Note – All times listed for this event are in Central European Summer Time (CEST)
The agenda is relatively fluid to ensure that all participants have the opportunity to contribute – everyone is a speaker! The below agenda provides a guidance.
12:30- 12:40
Digital House-Keeping and Guest Welcome
Master of Ceremonies: Clive Room, Director, Pulse Conferences
12:40-12:50
Introduction and insights on the topics
Co-Chairpersons – Rainer Rehm, ISO, Zooplus AG and Thomas Owen, Head of Information Security, Snyk
12:50- 13:55
Main discussion
Implementing controls without telling anyone what to do!
- How can CISOs gain some control on transformation projects from the outset?
- How can CISOs better position themselves as enablers?
- How can we bridge the gap between projects and operations by embedding agile techniques in development, projects and systems?
- How can we prevent vulnerabilities in application security?
- What is best practice when creating and developing containers?
- Secure development when working from home — tips and tricks. Read more here!
- How can we mitigate the risks of open source code and containers without hindering your dev team and application delivery?
- What are proven ways we can bridge the gap between projects and operations by using agile techniques in development, project management, and system aministration?
13:55– 14:00
Summaries and Goodbyes
Sponsored by
Hosted by
Co-led by
Rainer Rehm, ISO, Zooplus AG
CISO and DPO, security workforce development advisor, trusted board advisor
An authorised CISSP Instructor, Rainer is currently the ISO of Zooplus AG and President of (ISC)² Germany Chapter, of which he is one of the co-founders. Rainer was previously at MAN, where he was responsible for the management of the Information Security Office and Information Security Management Systems to the Council for 5 years. He is also a multiplier for the Alliance for Cybersecurity, an initiative from BSI and Bitkom. Mr. Rehm is an official (ISC)2 instructor and also regularly contributes to the development and maintenance of the (ISC)2 CBK®, a compendium of cyber, information, software and infrastructure security topics that underpin (ISC)2’s credentials. He previously held a senior post in information security with Nokia Siemens Networks, and worked as a consultant serving international clients with CompuServe and Softlab. In addition, Mr. Rehm teaches information security and data protection at German adult education centres in Munich. Rainer studied information technology at the University of Munich and holds the CISSP, CISM and CCI Munich credentials.
Thomas Owen, Head of Information Security & Risk, Snyk
Thomas is a cloud-literate, innovative and strategic IT and security leader with a blend of people, policy and technical experience. He is able to articulate and engage at all levels of the business, from a SOC analyst or DevSecOps to the Board and believes that success is built on empathy, respect, collaboration and communication. He aims to be an agent of positive change and enable business performance and growth, whilst allowing the board to better understand, articulate and address their real risk posture. Workplace interests include: Fostering positive ethics, engagement and inclusivity; Making compliance and risk management operationally effective; Encouraging dialogues around privacy; Collaborative ways of working.
Master of Ceremonies
Clive Room, Director, Pulse Conferences
Clive has worked as a marketeer within cybersecurity since 2000. As the Marketing Manager at Portcullis Computer Security he organised all their bespoke events from seminars to hospitality events like the famous Portcullis Arms during Infosec. He was also responsible for their involvement with conferences and exhibitions all over Europe. His experience in promoting and presenting at cyber security events is matched by his passion for helping people understand the critical importance of mitigating the risks and protecting themselves and their organisations from cybercrime. He believes that in terms of reputational damage and operational costs, security breaches should be a key concern of everyone from the ground floor worker up to board and director level. Clive was Chairman of The White Hat Committee, the charity for the information security industry, which raises money for ChildLine and Barnardo’s throughout the year. This January’s White Hat Ball was the most successful to date raising over two hundred thousand pounds and the next White Hat Car Rally is in September. Clive is proud to be a part of the dynamic team bringing CISO 360 Congress to the marketplace as a game changer in cybersecurity events.
About the Sponsor
Snyk is a developer-first security company that helps software-driven businesses develop fast and stay secure. Snyk is the only solution that seamlessly and proactively finds and fixes vulnerabilities and license violations in open source dependencies and container images. Snyk’s solution is built on a comprehensive, proprietary vulnerability database, maintained by an expert security research team in Israel and London. With tight integration into existing developer workflows, source control (including GitHub, Bitbucket, GitLab), and CI/CD pipelines, Snyk enables efficient security workflows and reduces mean-time-to-fix. For more information or to get started with Snyk for free today, visit https://snyk.io.