• Ep075: Beyond Compliance: Crafting Effective Security Culture with leaders from Clumio, Mongo DB, Symphony and AWS
    Jan 21 2025

    From hard-coded credentials to boardroom buy-in, join four tech security leaders from Clumio, Mongo DB, Symphony and AWS, as they unpack how building the right security culture can be your organization's strongest defense against cyber threats.

    Topics Include:

    • Security culture is crucial for managing organizational cyber risk
    • Good culture enables quick decision-making without constant expert consultation
    • Many security incidents occur from well-meaning people getting duped
    • Panel includes leaders from AWS, Symphony, MongoDB, and Clumio
    • Measuring security culture requires both quantitative and qualitative metrics
    • Board-level engagement indicates organizational security culture maturity
    • Self-reporting of security incidents shows positive cultural development
    • Security committees' participation helps measure cultural engagement
    • Hard-coded credentials remain persistent problem across organizations
    • Internal audits and risk committees strengthen security governance
    • Public security incidents change board conversations about priorities
    • Leadership vulnerability and transparency help build trust
    • Being pragmatic beats emotional responses in security leadership
    • Security programs should align with business revenue goals
    • Customer security requirements drive program improvements
    • Excessive security questionnaires drain resources from actual security
    • Security culture started as exclusionary, evolved toward collaboration
    • Financial institutions often create unnecessary compliance burden
    • Early security involvement in product development prevents delays
    • Security teams must match development team speed
    • Trust between security and development teams enables efficiency
    • Small security teams can support large enterprise requirements
    • Vendor partnerships help scale security capabilities
    • Process changes work better than adding security tools
    • Security leaders need deep business knowledge
    • Technical depth and breadth remain essential skills
    • Evangelism capability critical for security leadership success
    • Influencing without authority key for security effectiveness
    • Crisis moments create opportunities for security improvement
    • Socializing between security and development teams builds trust
    • DEF CON attendance helps developers understand security perspective
    • Bug bounty programs provide continuous security feedback
    • Regular informal meetings between teams improve collaboration
    • Building personal relationships improves security outcomes
    • Modern security leadership requires balance of IQ and EQ


    Participants:

    • Jacob Berry – Head of Information Security, Clumio
    • George Gerchow – Interim CISO, Head of Trust, Mongo DB
    • Brad Levy – Chief Executive Officer, Symphony
    • Brendan Staveley – Global Sales Leader, Security Services, Amazon Web Services


    See how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon/isv/

    47 mins
  • Ep074: Unlocking Global Growth - Mastering Compliance Across Boundaries
    Jan 14 2025

    AWS executive Giancarlo Casella explains how organizations can navigate global privacy regulations and achieve compliant international expansion using AWS's privacy reference architecture.

    Topics Include:

    • Welcome to executive forum on security and Gen AI
    • Introduction of Giancarlo Casella from AWS Security Assurance Services
    • AWS helps organizations with compliance and audit readiness
    • Global expansion requires understanding local privacy laws
    • Germany and France interpret GDPR differently
    • Germany has Federal Data Protection Act (BDSG)
    • France focuses on consumer privacy through CNIL
    • Risk of non-compliance includes fines and reputation damage
    • Privacy laws existed in only 10 countries in 2000
    • EU Privacy Directive of 1990 was prominent
    • By 2010, forty countries had privacy laws
    • HIPAA and GLBA introduced in United States
    • Now over 150 countries have privacy regulations
    • 75% of world population under privacy laws soon
    • Regulations are vague and open to interpretation
    • GDPR example: encryption requirements lack specificity
    • Need right stakeholders for privacy compliance
    • Legal team must lead privacy interpretation
    • Engineering implements technical privacy aspects
    • Risk and compliance teams coordinate evidence gathering
    • Data Protection Officer oversees entire program
    • CIO, CTO, CISO alignment creates strong foundation
    • Security transforms from bureaucratic to revenue enabler
    • AWS develops cloud-specific privacy reference architecture
    • Industry standards provide guidance frameworks
    • AWS privacy reference architecture focuses on cloud specifics
    • Data minimization and individual autonomy are key
    • Case study: Middle Eastern AI company expands to Canada
    • Company used CCTV at gas stations
    • Created privacy baseline and roadmap
    • Data flow documentation essential for compliance
    • Continuous compliance strategy helps enable success
    • Aligning stakeholders across different organizational lines
    • Future of US federal privacy regulation discussed
    • Discussion of responsible AI usage requirements


    Participants:

    • Giancarlo Casella - Head of Business Development and Growth Strategies, AWS Security Assurance Services


    28 mins
  • Ep073: The Evolving Threat Landscape – Reshaping Cybersecurity Practices
    Jan 7 2025

    Haggai Polak, Chief Product Officer at Securonix and a veteran cybersecurity expert, examines how artificial intelligence, quantum computing, and resource constraints are fundamentally transforming the threat landscape for security leaders.

    Topics Include:

    • AI transformation of cybersecurity landscape from past tactical focus
    • CISO accountability and regulatory pressures increasing significantly
    • Attack surface expanding beyond traditional network boundaries
    • Quantum computing threatens current cryptographic protections
    • Defenders remain understaffed and outmatched against sophisticated threats
    • Securonix leads SIEM/SOAR space with 1000+ global customers
    • World Economic Forum identifies misinformation/disinformation as major crisis
    • AI benefits attackers more than defenders currently
    • Small/medium enterprises falling below cyber poverty line
    • AI enables faster, more sophisticated malware development
    • Deepfakes caused $25M loss in Hong Kong CFO impersonation
    • Digital tsunami: broadband, IoT, cloud everywhere expanding attack surface
    • 50+ democracies face election security challenges in 2024
    • Cloud intrusions increased 75% between 2022-2023
    • Quantum-resistant cryptography transition needed within 10 years
    • SEC regulations require specific cybersecurity incident disclosure guidelines
    • 4 million unfilled cybersecurity positions globally
    • Cybercrime-as-a-Service growing, estimated $1.6B annual revenue
    • 81% of organizations faced ransomware attacks in 2023
    • Insider threats increasing with remote work adoption
    • 30,000+ vulnerabilities published last year, half critical/high
    • Mean time to exploit now 44 days
    • Securonix Eon leverages AI to increase analyst efficiency
    • Dark web selling corporate credentials for $10,000
    • Balance needed between protection and detection/response investments


    Participants:

    • Haggai Polak – Chief Product Officer, Securonix


    33 mins
  • Ep072: From Alerts to Action - How Datadog Manages Security Incidents with AI
    Dec 30 2024

    Dr. Yanbing Li, Chief Product Officer at Datadog, outlines how the company has integrated AI and automation into its incident response framework, helping customers manage both traditional security challenges and emerging AI-specific risks.

    Topics Include:

    • Introduced talk about incident response and CISO liability
    • Datadog founded 14 years ago for cloud-based development
    • Platform unifies observability and security for cloud applications
    • Current environment has too many fragmented security products
    • SEC requires material incident reporting within four days
    • Datadog's incident response automates Slack room creation
    • Response team includes Legal, Security, Engineering, and Product
    • System tracks non-material incidents to identify concerning patterns
    • Real-time telemetry data drives incident management automation
    • On-call capabilities manage escalation workflows
    • Datadog uses own products internally for incident response
    • Company focuses on reducing time to incident detection
    • AI brings new risks: hallucination, data leaks, design exploitation
    • Bits.ai launched as LLM-based incident management co-pilot
    • Tool synthesizes events and generates incident summaries
    • Bits.ai suggests code remediation and creates synthetic tests
    • Security built into AI products from initial design
    • Prompt injection prevented through structured validation approach
    • Sensitive data anonymized before LLM processing
    • Engineering and security teams collaborate closely on AI
    • LLM observability becoming critical for production deployments
    • Customers need monitoring for hallucinations and token usage
    • Datadog extends infrastructure monitoring into security naturally
    • Company maintains strong partnership with AWS
    • Q&A covered Bits.ai proactive capabilities and enterprise differentiation


    Participants:

    • Yanbing Li – Chief Product Officer, Datadog

    24 mins
  • Ep071: Protecting Your Enterprise in the Era of Generative AI with Sanjay Kalra of Zscaler
    Dec 24 2024

    Sanjay Kalra of Zscaler and Randy DeFauw of Amazon Web Services explore the hidden dangers of generative AI security—from invisible text manipulation and deep fakes to data poisoning and dark AI models—while offering practical strategies for protecting your enterprise in this era of generative AI.

    Topics Include:

    • AI security threats grouped into data, malicious use, trust/safety
    • Data security critical for SaaS-based AI services
    • Model training data vulnerable to poisoning and manipulation
    • GenAI lacks traditional data deletion capabilities
    • Access controls difficult once data becomes model embeddings
    • Prompt injection attacks becoming widespread, with libraries available online
    • Deepfake scams increasing in sophistication and frequency
    • AI enhancing phishing attacks with better written content
    • Dark AI models emerging specifically for malicious purposes
    • Model hallucinations being exploited for security attacks
    • AI accelerating analysis of stolen data
    • Shadow AI usage by employees poses security risks
    • Existing vendor AI integration creating unexpected security challenges
    • Fine-grained access controls essential for AI applications
    • PII protection critical in both inputs and outputs
    • Comprehensive prompt and response logging necessary
    • Invisible text manipulation emerging in resumes and RFPs
    • Model fine-tuning can compromise built-in security guardrails
    • Multi-language inputs create new security considerations
    • Competition-sensitive content requires careful AI management
    • AI firewalls needed for input/output monitoring
    • Regular security testing required for AI models
    • AI compliance standards emerging globally
    • Multi-modal AI creating new security challenges
    • Browser isolation helping control AI application usage


    Participants:

    • Sanjay Kalra – Product Management at Zscaler
    • Randy DeFauw – Senior Principal Solutions Architect, Amazon Web Services


    36 mins
  • Ep070: How CyberArk Scaled SaaS Transformation: Insights from CyberArk’s SVP Corporate Finance Nili Serr-Reuven
    Dec 19 2024

    This illuminating conversation with CyberArk's SVP of Finance, Nili Serr-Reuven, reveals how the 25-year-old cybersecurity leader successfully transformed from a traditional software company to a SaaS business model in just five quarters - far faster than the industry standard of 2-2.5 years - while maintaining strong margins and customer trust throughout the transition.

    Topics Include:

    • Introduction to SaaS transformation challenges and opportunities.
    • Tomaz Perc introduces Nili Serr-Reuven from CyberArk.
    • Overview of CyberArk's 25-year history and milestones.
    • Transition from a perpetual model to SaaS.
    • CyberArk's accelerated transformation in just five quarters.
    • Challenges of shifting from product-centric to customer-centric.
    • Importance of market research and peer consultations.
    • Key role of cross-functional collaboration in success.
    • Explanation of "swallowing the fish" in SaaS.
    • Managing short-term revenue drops during SaaS transformation.
    • CyberArk's 70% SaaS revenue share post-transformation.
    • Impact of global economic challenges on business strategy.
    • CyberArk's robust demand for identity security solutions.
    • Strategic leadership's role in transformation execution.
    • CyberArk's disciplined financial planning during uncertainty.
    • Establishing KPIs like ARR and customer satisfaction.
    • Managing rising cloud costs with FinOps practices.
    • CyberArk's approach to pricing and packaging SaaS solutions.
    • Leveraging acquisitions to speed up SaaS capabilities.
    • Impact of transformation on CyberArk's finance department.
    • Evolution of finance roles to support SaaS growth.
    • Communication with investors during transformative periods.
    • The importance of cultural shifts in transformation success.
    • Continuous learning, transparency, and collaboration as cornerstones.
    • Advice for future SaaS leaders: plan, communicate, adapt.


    Participants:

    • Nili Serr-Reuven – SVP Corporate Finance, CyberArk
    • Tomaz Perc – SaaS Business Lead, Amazon Web Services


    41 mins
  • Ep069: AI and Cybersecurity - Navigating the New Threat Landscape with Soumya Banerjee of McKinsey and Company
    Dec 17 2024

    Soumya Banerjee, Associate Partner at McKinsey and Company, shares a comprehensive data-driven exploration of how generative AI is transforming the cybersecurity landscape, revealing emerging threats, organizational challenges, and strategic opportunities for security professionals.

    Topics Include:

    • AI's transformative potential in cybersecurity
    • Survey of 500 cybersecurity professionals
    • Generative AI's impact on security landscape
    • Rising sophistication of phishing attacks
    • Threat actors leveraging generative AI
    • Deepfake technologies circumventing biometric controls
    • Cybersecurity companies' valuation and growth
    • Platform versus point solution debates
    • Expanding cybersecurity attack surfaces
    • Cloud security emerging as top priority
    • AI use cases in threat detection
    • Generative AI risks for organizations
    • Securing AI investments and budgets
    • Data protection and sensitive information challenges
    • Regulatory scrutiny of AI technologies
    • Talent gaps in cybersecurity sector
    • Evolving cyber insurance risk models
    • Identity and access management trends
    • API and machine identity security
    • LLM prompt and data protection
    • Enterprise strategies for AI adoption
    • Emerging technologies for cybersecurity defense
    • Partnerships between cybersecurity vendors
    • Disclosure risks in generative AI
    • Future of cybersecurity technology landscape


    Participants:

    • Soumya Banerjee – Associate Partner at McKinsey and Company

    40 mins
  • Ep068: Enhance Your Application with Generative AI – Presented by Zoom & AWS
    Dec 10 2024

    Brendan Ittelson, Chief Ecosystem Officer of Zoom and Fedrico Torreti of AWS share how Zoom and AWS are leveraging generative AI to revolutionize application development, enhance cross-app personalization, and streamline user experiences with intelligent communication tools.

    Topics Include:

    • Introduction of speakers and session overview.
    • Generative AI's disruptive impact across industries.
    • Reimagining customer experiences with generative AI.
    • Driving productivity through AI-powered applications.
    • Challenges faced by application developers with AI integration.
    • Importance of AI as a collaborator, not replacement.
    • Cross-functional workplace complexity with multiple apps.
    • Reducing task redundancy via generative AI automation.
    • Case study: AI accelerating creative project briefings.
    • Business outcomes achieved through thoughtful AI implementation.
    • McKinsey and Gartner projections on generative AI's potential.
    • Top use cases: R&D, customer operations, sales, marketing.
    • Bridging data silos for richer user experiences.
    • Security and compliance challenges in AI implementations.
    • Zoom's federated model for adaptable AI architecture.
    • Meeting summaries powered by Zoom AI Companion.
    • Expanding generative AI into chat, whiteboards, voicemails.
    • Vision for AI amplifying, simplifying, and delegating tasks.
    • Integrating external data for personalized user experiences.
    • Open platform approach for seamless data exchange.
    • AI Companion empowering users with actionable insights.
    • Role of AWS in enabling AI-first solutions.
    • Addressing notification overload with smarter AI design.
    • Enhancing end-to-end workflows with unified AI tools.
    • Encouragement for developers to embrace thoughtful AI adoption.

    Participants:

    • Brendan Ittelson - Chief Ecosystem Officer, Zoom
    • Fedrico Torreti - Head of Product, AppFabric, AWS


    33 mins