SecurIT: Where CIOs and CSOs come to Manage Risk

Thursday, February 15, 2018

8:00 am - 9:00 am	Registration and Networking Breakfast
9:00 am - 9:10 am	Welcome and Opening Remarks Bob Bragdon, Publisher, CSO
9:10 am - 9:55 am	Managing Risk Across the Partner Ecosystem Jerry Archer, SVP & CSO, Sallie Mae Every organization operates with an ecosystem of business partners, and the larger the organization, the more vast the ecosystem, from contractors to supply chain and technology partners. How can you ensure that every organization with which you do business complies with your policies? What measures should you put in place to penalize non-compliance? And what plans should you have in place if -- or when -- a provider fails or is breached? View Presentation
9:55 am - 10:15 am	Think Your Network is Safe? Check All of Your Endpoints. Pam Dill, Senior Security Consultant, HP Inc. While you invest time, resources and millions of dollars in protecting endpoints and network perimeter, are you addressing one of the largest footprints on your network? While printers and other endpoints may not be front-of-mind as primary security threats, this infrastructure may be allowing hackers and malware to take the easy route to your network and data. Join us for this session where we’ll share examples of breaches and how some of the most secure organizations are still lagging in overall security for critical endpoints like printers. We’ll also share best practices on how to most-effectively secure these critical endpoints. View Presentation
10:15 am - 10:45 am	Refreshment & Networking Break
10:45 am - 11:30 am	Organizational Models for Risk Governance in Today’s World Bob Bragdon, Publisher, CSO Nick Akerman, Partner, Dorsey & Whitney LLP Chiranjoy (CJ) Das, CIO, SimpleTire Michael Garcia, VP, Development Services, Fannie Mae Rich Licato, CISO, ARC Common to every medium-sized or larger organization are basic functional roles including CIO, CISO, CFO, General Counsel, CEO and Board Director. And while some executives might have multiple roles, these functions are what collectively manage organizational risk and security. What are the various reporting models for IT security today, and which ones are most effective at managing risk? To which function (or functions) is the CISO role accountable? We’ll explore whether traditional organizational structures are sufficient for today’s intense IT risk environment, and where best to adopt current and new approaches. View Presentation
11:30am - 11:50 am	Publisher’s Panel: Securing the Evolving IT Environment Bob Bragdon, Publisher, CSO Jeff Gilhool, Solutions Architect , Lookout John Westerman, Regional Systems Engineer , Illumio In this fast-paced session, industry expert panelists will weigh in with their views on the latest security news and how it is affecting customers in this new era of threats. Citing specifics from their customer engagements, the panel will talk about the problems their customers are facing and how they are addressing them. The'll also share their thoughts on enterprise security in the future when IT environments are rife with IoT, AI, augmented reality, and of course, even more data.
12:00 pm - 1:15 pm	Luncheon with Table Discussions Workspace Security, hosted by Citrix Machine Learning for Cyber Defense, hosted by Darktrace Compliance Without Data Compromise, hosted by Delphix Print Security Solutions, hosted by HP, Inc. Stop Cyber Threats with Adaptive Micro-Segmentation, hosted by Illumio
1:15 pm - 2:00 pm	Facing the Inevitable: New Risks of IoT and All Things Attached to the Network Bob Bragdon, Publisher, CSO Jerry Archer, SVP & CSO, Sallie Mae Charles A. Mance, Director, Communications & Technology Support Services, The George Washington University The promise of the Internet of Things (IoT) and the endless devices attaching to enterprise networks are creating countless opportunities for many organizations. At the same time, they present unprecedented and unforeseen risks. Join us for this discussion where we’ll ponder the frontiers of this inevitable world – and touch on how organizational survival will likely involve quantum computing, artificial intelligence, and concepts like Massively Integrated Systems of Smart Transducers (MIST), which can enable things to sense their surroundings and intervene for better outcomes.
2:00 pm - 2:45 pm	Same Threat, Different Day: Minimizing Insider Threats and Risks Bob Bragdon, Publisher, CSO Nick Akerman, Partner, Dorsey & Whitney LLP PN Narayanan, CIO, Pennsylvania Treasury Department Michael Theis, Assistant Director for Research, National Insider Threat Center, at the CERT Division, Carnegie Mellon University Whether they’re innocent errors made by well-meaning employees or malicious attempts by insiders to steal assets or interrupt business operations, the insider threat is evergreen. And just as the threat is evergreen, so is the opportunity since insiders are enabled and emboldened by the digitized enterprise. What approaches do insider experts recommend to curb the threat in this environment? What new tactics are malicious insiders using? We’ll dissect recent breaches attributable to insiders and prescribe a course of action any organization can take to mitigate the insider threat. View Presentation
2:45 pm - 3:05 pm	Refreshment and Networking Break
3:05 pm - 3:50 pm	Back to Basics: Data Protection and Its Escalation to Mission-Critical Bob Bragdon, Publisher, CSO Gus de los Reyes, CISO, Brown Advisory Donna F. Dodson, Chief Cybersecurity Advisor, National Institute of Standards and Technology Al Raymond, Executive Director, Privacy Compliance Lead, JPMorgan Chase Not long after the dust settles from a massive breach, the public (and shareholders) learn that the root cause of the breach was something simple: patches weren’t made, or routine procedures weren’t followed. How are basics being overlooked? How is IT architecture compounding the problem? When are customized interfaces to web-based applications and open source code to blame? We’ll examine the roots of many vulnerabilities and how guidelines from the National Institute of Standards and Technology (NIST) can help stem the crisis.
3:50 pm - 4:35 pm	GDPR and Beyond: Addressing the Teeth that Really Matter Robert E. Cattanach, Partner, Cybersecurity Group, Dorsey & Whitney LLP The complexity of the EU’s new General Data Protection Regulation (GDPR), particularly the potential consequences for noncompliance, and similar regulatory initiatives in various U.S. states, dramatically changes the landscape for all companies that collect personal data - which is virtually all companies. Preliminary studies suggest that most companies will struggle to comply fully with the GDPR by the deadline of May 25, but there are many things companies can and should be doing to minimize their exposure to enforcement. Join us for this session as a GDPR expert shares practical tips on how you can assess the impact of the GDPR on your organization, and ways to prioritize your compliance efforts. View Presentation
4:35 pm - 4:40 pm	Closing Remarks Bob Bragdon, Publisher, CSO
4:40 pm - 5:15 pm	Networking Cocktail Reception