by Sean Martin, CISSP, Editor in Chief, ITSPmagazine
Thanks to an invitation from ARPR and Baker Donelson, I had the opportunity to spend the week in Atlanta, Georgia for their annual CyberCon conference. This year, the host of the conference, Baker Donelson, partnered with the Metro Atlanta Chamber to turn the 1-day conference into a week-long series of Atlanta-area events and activities. I attended as many of the sessions as I humanly could. This recap provides some highlights from the week.
Breakfast with a General
I kicked off the week by joining a financial services group as they met and heard from retired U.S. Army Chief of Staff General Raymond T. Odierno. Odierno talked about his experiences in cybersecurity as part of the U.S. military. An advisor to J.P. Morgan Chase’s CEO on security and its impact on business and the market, Odierno shared stories with the firm’s employees and guests, covering topics such as election hacking, vulnerabilities in the power grid and other critical infrastructures, and the need to use intelligence to fight intelligence.
A FinTech Battle: Atlanta vs Dublin
Later in the day, Fintech Atlanta (@fintechatlanta) and Fintech Ireland (@FintechIreland) joined forces to create a unique event that brings together two great FinTech communities. While both cities would end up naming a winner, each had an opportunity to allow three companies to pitch their offering to the audience. The cool thing about this event – which was held in The Garage at Tech Square in Atlanta, Georgia and The Dublin Business School in Dublin, Ireland – is that it was being streamed live via Google Hangouts to both locations.
Participating planning companies and groups:
- Peter Oakes, Founder, Fintech Ireland
- Peter O’Halloran, Organizer
- Dublin Business School
- Metro Atlanta Chamber
- First Data
- Global Payments
- Payments & Cards Network
During the event, six FinTech startups had the opportunity to pitch their products and companies in a FinTech Battle.
The winner from Ireland was: Know Your Customer
The winner from Atlanta was: Authomate
The winners from each location won a subsidized trip to the opposite location so they could connect with other FinTech companies, innovators and dealmakers.
Innovation Accelerator CISO Meetup and Panel
That evening, a meetup powered by Baker Donelson’s Cybersecurity Accelerator was held at the Baker Donelson offices in Buckhead with support from the Atlanta Regional Commission. The officeful of startup FinTech companies in attendance were joined by a few handfuls of CISOs.
In addition to the networking portion of the event, Justin Daniels, one of the founders of Atlanta Cyber Week, moderated a panel of CISOs as they answered questions related to how they look at startup technologies, how they look for solutions to their most pressing business problems, and how they handle sales calls from security vendors. The biggest takeaway from the panel was their recommendation that all vendors listen and provide a solution-oriented (not tech-oriented) response directly related to specific problems their organization is facing.
Here are a few additional questions, answers, and comments captured during the meetup:
2017 brought the third annual Atlanta Cyber Week’s flagship event, Cybercon, to the Georgia Tech Global Learning Institute. The full-day conference, which set a new attendance record, had representatives from academia, industry, and government. On hand were a number of Fortune 1,000 CISOs, entrepreneurs, researchers, and educators from around the world (and a large number of them hailed from Ireland and Israel).
Attendees were treated to a keynote fireside chat with Joe Whitley from Baker Donelson and Nadav Zafrir, co-founder and CEO of Team8, Israel’s leading cybersecurity think tank and venture creation foundry. One of Zafrir’s opening comments struck home, as it was very similar to the discussion I have been part of over the past few weeks. I’m paraphrasing a bit here, but Zafrir essentially said: “We are layering ourselves to death. And, in doing so, we are becoming less protected and even less productive.”
Watch Nadav's full discussion on Periscope below:
Here are some of Zarfir’s highlights captured by the attendees:
Later in the day, there was an 11-company product pitch speed session. The following companies had a chance to share a bit about their companies and their offerings with the CyberCon audience (Name, Company, HQ):
Abhirukt Sapru, Check Recipient, England (video)
Kendall Kent, eSentire, Ontario (video)
Whitney Armistead, Apptega, Georgia (video)
Jonathan Daly, Intsights Cyber Intelligence, New York (video)
Jonathan Dambrot, Prevalent, New Jersey (video)
Danelle Au, Safebreach, California (video)
Andrew Gowasack, TrustStamp, Georgia (video)
David Shipley, Beauceron Security, New Brunswick (video)
Wyatt England, Validsoft, England (video)
James Lee, Waratek, Georgia (video)
Tim Bradford, Witfoo, Georgia (video)
Following the pitches, a panel of media professionals provided their personal take on cybersecurity news and trends. Joined by Tara Seals from Information Security Magazine and Jeff Roberts from Fortune Magazine, I found myself sitting on a panel for a change; this offers a very different perspective than the traditional moderation role I would normally hold.
The conversation was led by Ryan Toohey, senior managing director of strategic communications at FTI Consulting. Toohey guided us through a conversation around Equifax, an Atlanta-based organization that recently experienced one of the largest breaches we’d seen in a long time. While we spent a lot more time on this topic than I wanted to, the audience was very interested in our views on how we handled the notification and breach communications. My view, essentially, is that it appears that Equifax hadn’t properly prepared for a breach, and therefore struggled with the communications that surrounded it.
In addition to Equifax, we also covered fake news and tech trends. Since ITSPmagazine doesn’t cover news, per se, my responses focused on our editors who produce thought-leading stories from a growing number of credible contributors. These experts bring with them the knowledge and guidance that both consumers and businesses need as they face the challenges associated with protecting the systems and information that matter most to them.
From the trends perspective, one audience member asked about blockchain as a viable technology – specifically its use outside of the popular currency, Bitcoin. I said I was familiar with at least a couple companies that were developing blockchain technologies to combat cyber-attacks. A new one was added to my personal list, Verady, as they presented during the Atlanta/Ireland FinTech battle earlier in the week.
One of the more challenging areas in cybersecurity where I see blockchain technologies helping is with data integrity and transaction assurance; both are critical aspects of information security, as everything gets connected, generates data, manipulates data, and stores data. Making sure the decisions and actions being taken are based on real, unaltered data will be paramount.
Watch the media panel’s full discussion on Periscope below:
National Technology Security Coalition CISO Policy Conference
Following the CyberCon event, a large number of CISOs kicked off their own event that evening. The dinner, which preceded their full-day event the next day, offered a fantastic opportunity to connect with some of the top CISOs in the country. As my conversations were off the record, I won’t share any details here. Suffice to say, these folks are tackling some of the toughest challenges that businesses face and I have the utmost respect for them and the work that they do on a daily basis.
Equally important is the work that National Technology Security Coalition (NTSC) is doing. Just over one year old, the Atlanta-born group organized this event – their inaugural CISO Policy Conference, which is designed to give CISOs and other cybersecurity stakeholders an opportunity to share ideas and prepare actions designed to educate policymakers about issues impacting their business and ensure that the policy priorities of the technology and security industries are heard on Capitol Hill while taking the opportunity to learn from each other in the process.
To learn more about NTSC, you can visit https://www.ntsc.org/.
IoT, IT, OT
Mixed in with the formal activities were a number of local and regional meetups. One of the more topical meetups, for me at least, was one held at Tech Square Labs which combined cybersecurity panels that spanned information technology (IT), operational technology (OT), and the Internet of Things (IoT). The common theme across all of them? Data protection and privacy.
Here are a few tweets that capture the essence of this meetup:
To learn more about this meetup and some of the folks that make it happen, you can visit:
Just prior to my departure, I had the treat of experiencing a local TED Talk event, the TEDxPeachtree where Justin Daniels (you remember him from above, right?) spoke about the need to “step forward” when it comes to cybersecurity. In Justin’s message to the audience, he made it perfectly clear in his message – a view that I share – that we all hold the key to a cybersafe environment.
While a few folks I spoke with throughout the week don’t like to compare Atlanta with Silicon Valley, I found myself comparing it to other startup scenes that I am familiar with: Innovate Pasadena (I am a volunteer) and Silicon Beach (I live in LA), to name two.
Although I haven’t spent a ton of time exploring the ins and outs of Silicon Beach, my initial comparison of the two startup towns is that Atlanta has a few unique elements which make it an attractive spot to start and do business. Here are a few that I captured during the week:
- Atlanta has a history of cybersecurity with the founders and employees of the wildly successful company, Information Security Systems (ISS), which was later acquired by IBM. A number of these folks have started new companies, are investing in companies, and are advising new startups in the area.
- With a strong technology and cyber curriculum, and even a Master of Science in Cybersecurity, there is a ton of cybersecurity talent coming out of Georgia Tech, not to mention the other surrounding universities.
- The region has a significant number of Fortune-ranked companies available to startups and a built-in set of prospects to explore as potential customers. While nothing is a given, of course, it seems that these companies are open to listening and to trying new things presented to them by the local startup community.
- The Hartsfield-Jackson Atlanta International Airport has been recognized as the busiest airport in the U.S. giving it access to pretty much everywhere in North America and beyond.
Another difference that is a bit more subtle – but possibly more meaningful – is the culture of the city. While some cities may claim to be ‘The Next Silicon’ place, pretty much every Atlanta-based company and everyone from Atlanta that I spoke with throughout the week didn’t focus on being ‘the next’ at the expense of the other companies in the area. Rather, instead of talking, they demonstrated with actions just how they will all succeed as a community by working together. This, to me, was way more powerful than any claim to be, let’s say, the next “Silicon Peach.”