In today’s extremely fast-paced world of continuous and persistent cyber threats by mature cyber-criminal organizations and state-sponsored entities, the topic of Vulnerability Management is frequently top of mind not just within CISO organizations, but up to and including Boards of Directors. As enterprises seek to accelerate their Vulnerability Management capabilities and maturity, they encounter significant roadblocks to making progress both internally and externally.
From an external market perspective, the landscape covering Vulnerability, Threat and Exposure identification and disposition is highly fragmented. Whether consolidation and a clear market winner are in sight remains to be seen.
From an internal view, enterprises still face the challenge of efficiently managing the long and fragmented toolchains they have assimilated over time – let alone making sense of the numerous tools in the realm of “identify/detect/protect/prevent,” including software scanning, software supply chain, infrastructure scanning, baseline security configuration, IAM/PAM exposures, and over-privilege management.
As dashboard fatigue and conflicting views of prioritizing Vulnerabilities, Threats and Exposures have contributed to inertia in the space, security executives need to rethink how they provide centralized governance and a consistent set of objectives over fragmented domains, moving from IT Risk to Business-context-aware risk management.
Please join our panel discussion with Michael Clark, Alex Moss, Chris Zanelli, and Richard Julian to hear about their views on end-to-end Vulnerability Management and actionable strategies to avoid common pitfalls.
Michael is a veteran technologist with over 30 years’ experience in large enterprise computing. He began his career as a network and server engineer at Bausch & Lomb in the early days of distributed computing before moving on to Fidelity Investments and progressively larger systems management roles.
He finished up his time at Fidelity in Enterprise Architecture, where he focused on various platform infrastructure initiatives, including leading the effort to develop a unified compute platform strategy for the firm. Michael has spent the last decade engaged in an array of global professional services activities, working with private-equity firms and startups in healthcare data management and network security.
As a Core Organizer for the annual DevOpsDays Boston conference since 2017, Michael also co-founded “Boston DevOps Network, Inc,” a non-profit aimed at promoting DevOps learning and community-building in the Greater Boston area. Since 2015, he has worked with what is now the ONUG Cloud Native Security Working Group, where he is currently co-Chair with Forrest Bennett of FedEx. In 2019, Michael worked with Nick Lippis to launch ONUG’s first set of conference tracks focused on DevOps practices.
Today, he continues to consult on Cloud infrastructure and security projects and recently launched a new podcast series: “The Wages of Cybercrime.”
Chris has worked across multiple tier 1 global banks to establish maturity in Continuous Risk Assurance, DevSecOps capabilities, Risk Assessment Automation, and practical implementations of Zero Trust principles at scale. He joins us as a speaker for his 3rd ONUG event as a hands-on practitioner and evangelist in mature practices in the IT Risk Automation and Analytics space.
Richard Julian is a principal consultant in cloud and Kubernetes security, primarily focused on security engineering automation and incident response preparation.