SecurIT Conference
 
Thursday, February 15, 2018
8:00 am - 9:00 amRegistration and Networking Breakfast
9:00 am - 9:10 amWelcome and Opening Remarks
Bob Bragdon, Publisher, CSO


9:10 am - 9:55 amManaging Risk Across the Partner Ecosystem
Jerry Archer, SVP & CSO, Sallie Mae

Every organization operates with an ecosystem of business partners, and the larger the organization, the more vast the ecosystem, from contractors to supply chain and technology partners.  How can you ensure that every organization with which you do business complies with your policies?  What measures should you put in place to penalize non-compliance?  And what plans should you have in place if -- or when -- a provider fails or is breached?

View Presentation

9:55 am - 10:15 amThink Your Network is Safe? Check All of Your Endpoints.
Pam Dill, Senior Security Consultant, HP Inc.

While you invest time, resources and millions of dollars in protecting endpoints and network perimeter, are you addressing one of the largest footprints on your network? While printers and other endpoints may not be front-of-mind as primary security threats, this infrastructure may be allowing hackers and malware to take the easy route to your network and data. Join us for this session where we’ll share examples of breaches and how some of the most secure organizations are still lagging in overall security for critical endpoints like printers. We’ll also share best practices on how to most-effectively secure these critical endpoints.


10:15 am - 10:45 amRefreshment & Networking Break
10:45 am - 11:30 amOrganizational Models for Risk Governance in Today’s World
Bob Bragdon, Publisher, CSO
Nick Akerman, Partner, Dorsey & Whitney LLP
Chiranjoy (CJ) Das, CIO, SimpleTire
Michael Garcia, VP, Development Services, Fannie Mae
Rich Licato, CISO, ARC

Common to every medium-sized or larger organization are basic functional roles including CIO, CISO, CFO, General Counsel, CEO and Board Director.  And while some executives might have multiple roles, these functions are what collectively manage organizational risk and security.  What are the various reporting models for IT security today, and which ones are most effective at managing risk?  To which function (or functions) is the CISO role accountable?  We’ll explore whether traditional organizational structures are sufficient for today’s intense IT risk environment, and where best to adopt current and new approaches.

11:30am - 11:50 amPublisher’s Panel: Securing the Evolving IT Environment
Bob Bragdon, Publisher, CSO
Jeff Gilhool, Solutions Architect , Lookout
John Westerman, Regional Systems Engineer , Illumio

In this fast-paced session, industry expert panelists will weigh in with their views on the latest security news and how it is affecting customers in this new era of threats. Citing specifics from their customer engagements, the panel will talk about the problems their customers are facing and how they are addressing them. The'll also share their thoughts on enterprise security in the future when IT environments are rife with IoT, AI, augmented reality, and of course, even more data.

12:00 pm - 1:15 pmLuncheon with Table Discussions

Building a Cyber Resilient Print Infrastructure, hosted by HP, Inc.
Reducing Cyber Risk and Achieving Compliance with Adaptive Micro-Segmentation, hosted by Illumio
The Overlooked Endpoint: Securing Mobile Devices, hosted by Lookout

1:15 pm - 2:00 pmFacing the Inevitable: New Risks of IoT and All Things Attached to the Network
Bob Bragdon, Publisher, CSO
Jerry Archer, SVP & CSO, Sallie Mae
Charles A. Mance, Director, Communications & Technology Support Services, The George Washington University

The promise of the Internet of Things (IoT) and the endless devices attaching to enterprise networks are creating countless opportunities for many organizations. At the same time, they present unprecedented and unforeseen risks. Join us for this discussion where we’ll ponder the frontiers of this inevitable world – and touch on how organizational survival will likely involve quantum computing, artificial intelligence, and concepts like Massively Integrated Systems of Smart Transducers (MIST), which can enable things to sense their surroundings and intervene for better outcomes.

2:00 pm - 2:45 pmSame Threat, Different Day: Minimizing Insider Threats and Risks
Bob Bragdon, Publisher, CSO
Nick Akerman, Partner, Dorsey & Whitney LLP
PN Narayanan, CIO, Pennsylvania Treasury Department
Michael Theis, Assistant Director for Research, National Insider Threat Center, at the CERT Division, Carnegie Mellon University

Whether they’re innocent errors made by well-meaning employees or malicious attempts by insiders to steal assets or interrupt business operations, the insider threat is evergreen.  And just as the threat is evergreen, so is the opportunity since insiders are enabled and emboldened by the digitized enterprise.  What approaches do insider experts recommend to curb the threat in this environment?  What new tactics are malicious insiders using?  We’ll dissect recent breaches attributable to insiders and prescribe a course of action any organization can take to mitigate the insider threat.


2:45 pm - 3:05 pmRefreshment and Networking Break
3:05 pm - 3:50 pmBack to Basics: Data Protection and Its Escalation to Mission-Critical
Bob Bragdon, Publisher, CSO
Gus de los Reyes, CISO, Brown Advisory
Donna F. Dodson, Chief Cybersecurity Advisor, National Institute of Standards and Technology
Al Raymond, Executive Director, Privacy Compliance Lead, JPMorgan Chase

Not long after the dust settles from a massive breach, the public (and shareholders) learn that the root cause of the breach was something simple:  patches weren’t made, or routine procedures weren’t followed.  How are basics being overlooked?  How is IT architecture compounding the problem?  When are customized interfaces to web-based applications and open source code to blame?  We’ll examine the roots of many vulnerabilities and how guidelines from the National Institute of Standards and Technology (NIST) can help stem the crisis.

3:50 pm - 4:35 pmGDPR and Beyond: Addressing the Teeth that Really Matter
Robert E. Cattanach, Partner, Cybersecurity Group, Dorsey & Whitney LLP

The complexity of the EU’s new General Data Protection Regulation (GDPR), particularly the potential consequences for noncompliance, and similar regulatory initiatives in various U.S. states, dramatically changes the landscape for all companies that collect personal data  -  which is virtually all companies.  Preliminary studies suggest that most companies will struggle to comply fully with the GDPR by the deadline of May 25, but there are many things companies can and should be doing to minimize their exposure to enforcement.  Join us for this session as a GDPR expert shares practical tips on how you can assess the impact of the GDPR on your organization, and ways to prioritize your compliance efforts.

4:35 pm - 4:40 pmClosing Remarks
Bob Bragdon, Publisher, CSO
4:40 pm - 5:15 pmNetworking Cocktail Reception