In an era marked by Shadow IT, hybrid working models, and rapid digitization, the landscape of cybersecurity is constantly evolving. With countless potential attack surfaces and vulnerabilities, organizations must prioritize understanding the unknowns to fortify their security operations. Additionally, meeting the intricate demands of regulatory reporting adds another layer of complexity. As we reflect on the insights shared today, the need for proactive measures to mitigate risks and ensure security preparedness becomes abundantly clear.



Here is the verbatim discussion:

Dave for their insights today thanks to everyone who listened in for your time investment and engagement I hope you find the session useful I also wanted to thank CISO Platform FireCompass and Quantum Smart for having me lastly do take advantage of the complimentary scan from FireCompass and the Consulting offering from Quantum Smart to help you build a path forward for a more secure digital Journey until next time have a great control are gone now with Shadow IT hybrid working rapid digitization there's really so many uh potential attack surfaces and vulnerabilities that are unknown to us wouldn't it be nice to get to know the unknowns have a clear handle on your security operations preparedness and in the same time meet the ever complex regulatory reporting demands that is a key piece of takeaway for for me before we wrap is there a call to action for the audience to help them explore the next steps uh Dave what about you any call to action to offer definitely we're at Quantum Smart we're highlighting how we can help companies with their digital Journey so we're or you know reach out to why is the vendor name missing and it turned out like business one of the business unit did a proof of concept with these guys and they gave certain data to them which was exposed now knowing certain exposures like this is a very hard problem so you got to kind of know your vendors from the process and all those things classify those vendors but also have a process of going and uh scouting the internet figuring things out is there something else is there something more which is out there on the internet so uh some of those edge cases is also something which organizations typically don't think about but could also be part of your vendor risk yeah good point and and sometimes when we're trying to tackle a huge topic um you know I guess the more practical strategy is just pick one or two things that are tangible and and start doing them so to our audience members if you have any strategies to manage both internal and external third-party risks do share with us.


Highlights:

Unveiling the Unknowns: Amidst the proliferation of potential attack surfaces, it's essential to gain insight into the unknowns. By comprehensively assessing security operations and identifying vulnerabilities, organizations can proactively address potential threats before they manifest into breaches.

Meeting Regulatory Reporting Demands: The evolving regulatory landscape necessitates meticulous compliance efforts. Organizations must not only fortify their security posture but also ensure adherence to complex regulatory requirements. This entails robust reporting mechanisms to demonstrate compliance and mitigate regulatory risks effectively.

Leveraging External Partnerships: Collaborating with external partners such as CISO Platform, FireCompass, and Quantum Smart can provide valuable resources and expertise in navigating security challenges. These partnerships offer insights, tools, and consulting services to bolster organizations' security operations and enhance overall resilience.

Embracing Tangible Strategies: Amidst the enormity of the task at hand, it's crucial to adopt practical strategies that yield tangible results. Organizations can start by focusing on a few key areas, such as vendor risk management or internal security protocols, and gradually expand their efforts.

Sharing Best Practices: Encouraging dialogue and knowledge-sharing within the cybersecurity community is paramount. Organizations can benefit from sharing strategies, challenges, and successes with peers, fostering a collaborative approach to risk management.


As we conclude today's discussion, the imperative for robust third-party risk management and security preparedness remains paramount. By embracing proactive measures, leveraging external partnerships, and prioritizing regulatory compliance, organizations can navigate the complexities of the digital landscape with confidence. Let us heed the call to action, embracing tangible strategies and fostering collaboration within the cybersecurity community to fortify our defenses and safeguard against emerging threats. Together, we can embark on a secure digital journey, equipped with the knowledge and tools to confront the challenges ahead.



Bikash Barai is credited for several innovations in the domain of Network Security and Anti-Spam Technologies and has multiple patents in USPTO. Fortune recognized Bikash among India’s Top 40 Business Leaders under the age of 40 (Fortune 40-under-40). Bikash is also an active speaker and has spoken at various forums like TiE, RSA Conference USA, TEDx etc. Earlier he founded iViZ, an IDG Ventures-backed company that was later acquired by Cigital and now Synopsys. iViZ was the first company in the world to take Ethical Hacking (or Penetration Testing) to the cloud.



Ms. Nasheen Liu's strong reputation in the Technology community is built upon her proven track record as a leader who practices what she preaches. Results-driven, focused, determined and creative, Ms. Liu approaches business management with integrity, sound common-sense principles and unconventional strategy. Ms. Liu’s expertise in technology marketing, C-suite conversations and executive branding in the digital age makes her a well-rounded knowledge expert, a skilled listener and an excellent communicator.


Dave Lawy, based in Toronto, ON, CA, is currently a Managing Director at Quantum Smart Technologies, bringing experience from previous roles at Harvard Business Review and Gartner Research Board. Dave Lawy holds a McGill University.


Pritha Aash, managing parts of content strategy and marketing in a startup called FireCompass. The team has built things first time in the world and I'm overexcited to be part of it. I decided to share some of it and more. I'm an Information Technology Engineer. Prior to that I did my schooling from Sri Aurobindo, Loreto House, Loreto Convent Entally, Kolkata. I like to volunteer in interest groups, communities to help the world we live in be a better place. Currently volunteer at WWF, Khan Academy, SaveTrees.


