Security’s Confidentiality, Integrity and Availability (CIA) Triad - Outdated or Still Relevant?
Sponsored By:
Wednesday, November 20
1 pm ET
Are confidentiality, integrity, and availability still enough, or is it time to evolve our thinking? Join Chris Lindsey and a panel of tech leaders from leading enterprises, for a dynamic discussion on the relevance of the CIA Triad in modern security practices. We’ll explore whether the triad needs to be replaced by more advanced models, such as assigning weighted risk scores or other emerging frameworks for defining security incidents.
The panel will also dive into what constitutes a Zero-Day threat, using the classification of CrowdStrike as a case study. Was it appropriately labeled a Zero-Day? Gain actionable insights from top security leaders, on how they navigate these challenges and how you can better prepare your organization.
Register today!
Key Takeaways:
- Exploring whether the triad needs to be replaced by more advanced models, such as assigning weighted risk scores or other emerging frameworks for defining security incidents.
- Diving into what constitutes a Zero-Day threat, using the classification of CrowdStrike as a case study.
- Gaining actionable insights from top security leaders, on how they navigate these challenges and how you can better prepare your organization.
Register Below:
We'll send you an email confirmation and calendar invite
Chris Lindsey
Application Security Evangelist - Mend.io
Chris Lindsey is a seasoned speaker who has appeared at conferences, webinars, and private events. Currently building an online community and creating a podcast series, Chris draws on expertise from more than 15 years of direct security experience and over 35 years of experience leading teams in programming and software, solutions, and security architecture. For three years, Chris built and led an entire application security program that includes the implementation of mature AppSec programs, including oversight of security processes and procedures, SAST, DAST, CSA/OSA, compliance, training, developer communication, code reviews, application inventory gathering, and risk analysis.
Chris Madden
Distinguished Technical Security Engineer - Yahoo
Chris Madden has worked as a software engineer and system architect building secure trustworthy software at scale for embedded and cloud for more than 20 years. He likes to understand things deeply - and uses data analysis and dumb questions to build that understanding. He’s not big on titles, hierarchy or status quo, and dislikes happy thoughts and assumptions. He works at Yahoo Product Security team. Yahoo delivers value to customers through software; Chris exists to help developers deliver high quality software efficiently and securely.His primary focus is Risk-based prioritization at scale across the DevSecOps pipeline. He recently led an effort with some industry thought leaders to publish an open source Risk-based prioritization guide - https://riskbasedprioritization.github.io. He is also an active contributor to the Proactive Software Supply Chain Risk Management (P-SSCRM) standard. In his personal time, he's applying LLMs to assist vulnerability management at scale: Working with MITRE CWE Root Cause Working Group to assist CWE assignment and KeyPhrase Extraction. Reviewing and reporting incorrect CWE assignments by CISA Vulnrichment - https://github.com/cisagov/vulnrichment
Rob Wood
Consulting CISO - TrustCISO
Rob Wood is a seasoned cybersecurity leader with 30 years of experience across multiple sectors, including tech, financial services, defense, and public sector. He has held executive roles such as CISO and security consultant, specializing in building and leading security teams and business-aligned security programs, managing risks, creating and managing strong security cultures, and serving customer trust. He is a technologist at heart, but with a keen focus on “enterprise trust”, business strategy, communication and cultural factors, mentoring new cybersecurity talent, and he has actively advised or been a board member for industry bodies including CSA, ISC2, and SANS.
Phil Guimond
Principal Information Security Architect - Paramount
Phil Guimond is a well-rounded and consistently high performing Information Security professional and Software Engineer with experience in building transformational, massively scalable and long-lasting Application, Cloud Security and Pentesting programs for SMBs and large corporations.
Toby Jackson
Information Technology Security Leader, Strategist, and Architect - Imperial PFS
Toby Jackson is an experienced Information Technology Security Leader, Strategist, and Architect with broad experience in all aspects of IT security and governance. Background includes small and large finance, insurance and healthcare organizations where he has been responsible for the development, implementation, maturity and building of the IT Security Program for multiple organizations with a hybrid of AWS, Azure and private cloud SAAS, PAAS and IAAS offerings and PCI payment processing environment.
Saoirse Hinksmon
Senior Product Manager - Mend.io
Saoirse Hinksmon leverages her decade of experience across application and network security to drive successful product launches at Mend.io. Working closely with the product team, she brings a holistic perspective to AppSec, ensuring new features empower developers and AppSec professionals alike to build secure software.
