CISO New York Summit | Mar 3, 2020 | Convene - 117 W 46th Street - New York, NY, USA

↓ Agenda Key

Keynote Presentation

Visionary speaker presents to entire audience on key issues, challenges and business opportunities

Keynote Presentations give attending delegates the opportunity to hear from leading voices in the industry. These presentations feature relevant topics and issues aligned with the speaker's experience and expertise, selected by the speaker in concert with the summit's Content Committee." title="Keynote Presentations give attending delegates the opportunity to hear from leading voices in the industry. These presentations feature relevant topics and issues aligned with the speaker's experience and expertise, selected by the speaker in concert with the summit's Content Committee.

Executive Visions

Panel moderated by Master of Ceremonies and headed by four executives discussing critical business topics

Executive Visions sessions are panel discussions that enable in-depth exchanges on critical business topics. Led by a moderator, these sessions encourage attending executives to address industry challenges and gain insight through interaction with expert panel members." title="Executive Visions sessions are panel discussions that enable in-depth exchanges on critical business topics. Led by a moderator, these sessions encourage attending executives to address industry challenges and gain insight through interaction with expert panel members.

Thought Leadership

Solution provider-led session giving high-level overview of opportunities

Led by an executive from the vendor community, Thought Leadership sessions provide comprehensive overviews of current business concerns, offering strategies and solutions for success. This is a unique opportunity to access the perspective of a leading member of the vendor community." title="Led by an executive from the vendor community, Thought Leadership sessions provide comprehensive overviews of current business concerns, offering strategies and solutions for success. This is a unique opportunity to access the perspective of a leading member of the vendor community.

Think Tank

End user-led session in boardroom style, focusing on best practices

Think Tanks are interactive sessions that place delegates in lively discussion and debate. Sessions admit only 15-20 participants at a time to ensure an intimate environment in which delegates can engage each other and have their voices heard." title="Think Tanks are interactive sessions that place delegates in lively discussion and debate. Sessions admit only 15-20 participants at a time to ensure an intimate environment in which delegates can engage each other and have their voices heard.

Roundtable

Interactive session led by a moderator, focused on industry issue

Led by an industry analyst, expert or a member of the vendor community, Roundtables are open-forum sessions with strategic guidance. Attending delegates gather to collaborate on common issues and challenges within a format that allows them to get things done." title="Led by an industry analyst, expert or a member of the vendor community, Roundtables are open-forum sessions with strategic guidance. Attending delegates gather to collaborate on common issues and challenges within a format that allows them to get things done.

Case Study

Overview of recent project successes and failures

Case Studies allow attending executives to hear compelling stories about implementations and projects, emphasizing best practices and lessons learned. Presentations are immediately followed by Q&A sessions." title="Case Studies allow attending executives to hear compelling stories about implementations and projects, emphasizing best practices and lessons learned. Presentations are immediately followed by Q&A sessions.

Focus Group

Discussion of business drivers within a particular industry area

Focus Groups allow executives to discuss business drivers within particular industry areas. These sessions allow attendees to isolate specific issues and work through them. Presentations last 15-20 minutes and are followed by Q&A sessions." title="Focus Groups allow executives to discuss business drivers within particular industry areas. These sessions allow attendees to isolate specific issues and work through them. Presentations last 15-20 minutes and are followed by Q&A sessions.

Analyst Q&A Session

Moderator-led coverage of the latest industry research

Q&A sessions cover the latest industry research, allowing attendees to gain insight on topics of interest through questions directed to a leading industry analyst." title="Q&A sessions cover the latest industry research, allowing attendees to gain insight on topics of interest through questions directed to a leading industry analyst.

Vendor Showcase

Several brief, pointed overviews of the newest solutions and services

Taking the form of three 10-minute elevator pitches by attending vendors, these sessions provide a concise and pointed overview of the latest solutions and services aligned with attendee needs and preferences." title="Taking the form of three 10-minute elevator pitches by attending vendors, these sessions provide a concise and pointed overview of the latest solutions and services aligned with attendee needs and preferences.

Executive Exchange

Pre-determined, one-on-one interaction revolving around solutions of interest

Executive Exchanges offer one-on-one interaction between executives and vendors. This is an opportunity for both parties to make key business contacts, ask direct questions and get the answers they need. Session content is prearranged and based on mutual interest." title="Executive Exchanges offer one-on-one interaction between executives and vendors. This is an opportunity for both parties to make key business contacts, ask direct questions and get the answers they need. Session content is prearranged and based on mutual interest.

Open Forum Luncheon

Informal discussions on pre-determined topics

Led by a moderator, Open Forum Luncheons offer attendees informal, yet focused discussions on current industry topics and trends over lunch." title="Led by a moderator, Open Forum Luncheons offer attendees informal, yet focused discussions on current industry topics and trends over lunch.

Networking Session

Unique activities at once relaxing, enjoyable and productive

Networking opportunities take various unique forms, merging enjoyable and relaxing activities with an environment conducive to in-depth conversation. These gatherings allow attendees to wind down between sessions and one-on-one meetings, while still furthering discussions and being productive." title="Networking opportunities take various unique forms, merging enjoyable and relaxing activities with an environment conducive to in-depth conversation. These gatherings allow attendees to wind down between sessions and one-on-one meetings, while still furthering discussions and being productive.

 

Tuesday, March 3, 2020 - CISO New York Summit

8:00 am - 8:30 am

Registration & Networking Breakfast

 

8:30 am - 8:40 am

Welcome Address & Opening Remarks

Presented by:

Annalisa Fernandez, Intercultural Strategist, Becauseculture View details

 
 
 

8:40 am - 9:30 am

Keynote Panel

Steering Cultural Change

An IT executive's role, goals and objectives have drastically changed over the years. Most leaders supervise teams and units beyond their IT department. Due to these changes in responsibilities, their success is measured in greater business metrics. As a result, these roles have become both more attractive and more demanding.  

Takeaways: 

  • What are the significant changes regarding the role of the IT Executive 
  • How to keep up with the changing requirements 
  • How to properly measure an IT executive's success

Moderated by:

Shakti Jauhar, Former SVP, Global HR Operations, Shared Services, PepsiCo View details

 
 

Panelists:

Steven Wolk, CTO, PC Richard and Son View details

 
 

Ryan Tweedie, Global MD & CIO HR, Accenture

 

Annalisa Fernandez, Intercultural Strategist, Becauseculture View details

 
 
 

9:30 am - 10:00 am

Keynote Presentation

Integrate Once, Reuse Everywhere: IBM Security and the Open Cybersecurity Alliance

In late 2019, IBM joined forces with 17 other cybersecurity vendors - including McAfee, Crowdstrike and others - to form the Open Cybersecurity Alliance (OCA) to promote open and interoperable cybersecurity. Recognizing that most companies have too many cybersecurity tools to manage, too much data in too many places, and not enough skilled security professionals, OCA members subscribe to the mantra "Integrate once, reuse everywhere" to enable security teams to focus on solving security issues rather than getting tools to work together. Now up to 27 members, the OCA is becoming a powerful force in the cybersecurity industry. 

 Chris Bontempo leads Marketing and Offerings for IBM Security in North America and will discuss how the OCA members are working together and contributing foundational technologies under the open-source Apache 2.0 license, to enable security solutions to communicate with each other over a standard fabric during the entire threat management life cycle. 

 He'll also demonstrate how IBM Security is implementing foundational open-source OCA technologies like STIX-Shifter, OpenDXL and OpenC2 in its new open security platform, the IBM Cloud Pak for Security, to help clients transform threat hunting and detection, security analytics, operations and response and beyond.

Sponsored by:

IBM View details

 
 

Presented by:

Chris Bontempo, IBM Security Marketing Leader, IBM View details

 
 
 

10:05 am - 10:25 am

Executive Exchange

 

Share:

Thought Leadership

Managing Risk in a Digital World

Digital transformation is not only changing how companies think about business. It is changing how we think about risk. We need to *act* on risk, not worry about it. We need to start and end with the basics. Join RSA as we review several key areas of digital risk management to target as you are challenged to be a key contributor in your organization's digital journey.

Sponsored by:

RSA View details

 
 

Presented by:

Ben Smith, Field Chief Technology Officer (Field CTO - US), RSA View details

 
 
 

10:30 am - 10:40 am

Morning Networking Coffee Break

 

10:45 am - 11:10 am

Executive Exchange

 

Share:

Think Tank

Send the Elevator Back Down

So, you made it to the top!  Congrats, now what?  Many of us seek and discuss our legacy once we attain a certain level in our career.   What is your legacy?  Is this important to you?  What can you do now to help build this legacy while you are in your current role?  How can you help others?  What does it mean to send the elevator back down? 

  • You didn't get here alone, what can you do with limited time to help others? 
  • What tools and opportunities do you have today? Practical examples.
  • How can you leverage your current role and position to set the stage for others to elevate themselves?


Presented by:

Howard Cohen, Head, Digital Capability Management, Collaboration Services, Bristol-Myers Squibb View details

 
 

Think Tank

The Elephant in the Room, Data Breaches

In 2019, data breaches endured yet again as the largest security threat noted by organizations and IT security professionals alike. If data remains as a high valued commodity, ensuring data privacy and securing personal data will continue to be at the top of the list of an organization's concerns. The increases in privacy legislation, such as GDPR and CCPA, and the understanding of the ramifications stemming from a breach have allowed these concerns to remain heavily in the spotlight. 

Takeaways:

  • Having an effective incident response plan 
  • Mitigates timely security incidents, including breaches
  • Introduce significant cost savings when looking at the rising cost of data breaches.

Presented by:

Nasser Fattah, Managing Director, Information Security & Disaster Recovery, Bank of Tokyo View details

 
 
 

11:15 am - 11:40 am

Executive Exchange

 

Executive Boardroom

Achieving Zero-Time Threat Prevention using Deep Learning

Machine Learning is a big step forward in combatting cyberattacks but is still no silver bullet. Many traditional cybersecurity solutions available today are causing huge operational challenges as they are inadequately defending against today's complex and sophisticated threats. It has become increasingly evident that the solutions used to protect your company and its data need to work pre-emptively to prevent attacks, rather than just detect and respond to them. Fortunately, AI technologies are advancing, and Deep Learning is proven to be the most effective cybersecurity solution, resulting in unmatched prevention rates with proven lowest false positive rates. As you evaluate new technologies for your organization, understand the differences and benefits of Artificial Intelligence, Machine Learning, and Deep Learning. 

This session will cover: 

  • Introduction to Deep Learning - Differences between AI/ML/DL 
  • Applying deep learning as a preventative approach to cybersecurity 
  • Advantages of using deep learning to autonomously block any threat in milliseconds

Sponsored by:

Deep Instinct View details

 
 

Presented by:

, ,

 

Executive Boardroom

Keep ALL endpoints continuously patched and compliant with the just released BigFix 10!

Join us to learn why thousands of enterprises use a single solution to simplify patch, compliance and security configuration management of all Windows, UNIX, Linux, MacOS, AWS, Azure, and VMware instances, whether they're on premise or in the cloud. The results? Faster cycles, reduced OPEX and tighter security.

Sponsored by:

HCL BigFix View details

 
 

Presented by:

, ,

 
 

11:45 am - 12:10 pm

Executive Exchange

 

Think Tank

Presented by:

Parthasarathi Chakraborty, Director, Infrastructure & Cloud Security Architecture, BMO Financial Group View details

 
 
 

12:15 pm - 12:40 pm

Executive Exchange

 

Executive Boardroom

Can Organizations Trust Artificial Intelligence to Address Gaps in Security?

In an era of talent shortages in security, organizations need to turn to tools that can adapt to the human intelligence of attackers. But can you trust tools that rely on artificial intelligence to help fill that gap? In this talk, we'll discuss how security teams can unpack the black box that can be AI and machine learning to leverage tools that implement these for tasks which they're best at. We'll discuss how sometimes the only way to protect against the real humans behind targeted email attacks is artificial intelligence that can adapt to human intelligence.

Sponsored by:

Abnormal Security View details

 
 

Presented by:

Ken Liao, VP of Cybersecurity Strategy, Abnormal Security View details

 
 

Executive Boardroom

Still Using Passwords? Forget That Sh*t

The constant barrage of breaches over the last decade has made it clear that usernames and passwords - invented back in 1964 - are simply no longer secure enough. According to the 2019 Verizon Breach Investigations Report, compromised credentials are responsible for over 80% of all breaches. 

Despite attempts to make static credentials more secure by adopting two-factor authentication utilizing SMS, OTPs or hardware tokens, these added layers still leave organizations vulnerable to phishing attacks, keylogging, malware and more. 

By removing the past reliance on usernames and passwords, you can enhance your organization's security by significantly reducing your overall attack surface and virtually eliminating the risk of compromised credentials. 

Takeaways: 

1. Learn how usernames and passwords are leaving your organization at risk. 

2. See how how passwordless authentication removes major threat vectors. 

3. Provide users a fast, simple and consistent authentication experience across any channel

Sponsored by:

Trusona, Inc. View details

 
 
 

12:40 pm - 1:40 pm

Networking Lunch and Keynote

The Next Phase of Cybersecurity

Today's digital technologies quickly become commodities, and adoption of emerging technologies provides only temporary edge and differentiation. To stay ahead, you must think bigger and take bigger risks. Do not make the technologies themselves the focal point, but the profound business transformations they make feasible. While these transformations offer organizations great benefits, they also offer extreme risks that must be accounted for and planned for. 

Takeaways:

  • Get a leg up on next gen technologies
  • High risk can yield high reward 
  • Focusing less on products and more on company alignment to them


Presented by:

Cedric Curry, CISO, NYC Citywide Administrative Services View details

 
 
 

1:00 pm - 1:10 pm

Executive Exchange

 

Innovation Partner Showcase


Sponsored by:

Levvel.io View details

 
 
 

1:45 pm - 2:10 pm

Executive Exchange

 

Share:

Think Tank

HR Technology Transformation- Talent, Core HR, and Payroll

Given the advent and accelerating maturity of major cloud platforms- both configurable and customizable- in the HR space for payroll, talent, time, mobility, travel, and core HR- transformation activity for HR and composite functions is more prevalent than ever.  The "art of the possible" has expanded to an apex where traditionally disparate processes and associated technologies like payroll and talent can now be thought of in concert via process and data aggregation with interesting possibilities for insight, consolidation, risk & cost mitigation, and reporting & analytics.  The technology landscape for HR has evolved so rapidly that oftentimes, major HR technology platforms are the driving force and intentional inflection points for transformation.  The "War for Talent" will be won or loss by major organizations by exercising and perfecting HR technology strategy and data to attract, on-board, retain, and develop key talent.

Presented by:

Ryan Tweedie, Global MD & CIO HR, Accenture

 

Share:

Think Tank

CCPA, Dealing with the changing Data Privacy landscape

The California Consumer Privacy Act (CCPA) is the most comprehensive data privacy legislation seen in the U.S. in decades and arrives at a time when the need for qualified staff, tools, and the appetite to complete the required projects are at an all-time low.  This law has weight based on the size of California, reach of their economy, and potential punitive damages.  This shift in philosophy starts with all of us in different businesses realizing this new world where any information pertaining to an individual will need to be protected as if it were at the highest levels of sensitivity. 

Takeaways:

  • Dealing with Do Not Sell
  • Differences between CCPA and GDPR
  • Foundational requirements to build toward compliance

Presented by:

Richard Mendoza, Director, Privacy & Regulatory Compliance, Realogy Holding Corp. View details

 
 
 

2:15 pm - 2:40 pm

Executive Exchange

 

Share:

Thought Leadership

You Need to Know Who Is Accessing Your Data, But Do You Really?

Knowing who is accessing what data is at the heart of security. Today, users and attackers get to your data through a mesh of web applications, APIs, and microservices. Unfortunately, your database logs only report the querying source as an authorized intermediary application without the originating requestor's information. This blind spot causes glaring gaps during audits, slows incident response, and impede breach detection. 

Learn how to apply new ways of continuously linking originating users' information to every database access with cohesive interworking between edge WAF, server RASP, and Data Activity Monitoring tools.

Sponsored by:

Imperva View details

 
 
 

2:45 pm - 3:10 pm

Executive Exchange

 

Think Tank

Designing the Digital Workplace

Employees are consumers of digital technologies such as IoT, AR and VR. The plethora of mobile devices has enabled them to work where they want and when they want which has raised the bar on employee expectations for tools and capabilities from their employers. In order for companies to retain the best and get the most out of their employees, it is vital to design and continually update the digital workplace. We will discuss the current trends as well as share case studies of successful digital workplace implementations.  

Takeaways:

  • Highly skilled employees will demand a mobile and efficient workplace
  • Keeping these skilled employees fully engaged and passionate about your company is critical to achieving the desired digital transformation

Presented by:

David Reis, Executive VP & Chief Information Officer, Hackensack Meridian Health View details

 
 
 

3:15 pm - 3:40 pm

Executive Exchange

 

Executive Boardroom

Could Hackers Solve the Cybersecurity Skills Shortage?

The phrase "cybersecurity skills gap" has become a common part of the lexicon of cybersecurity professionals today. While there are many theories as to how we ended up this shortage, few have offered solutions that will solve the issue in the near term. And the need is desperate. In this session, HackerOne Head of Hacker Education and one of the world's top hackers will discuss how we are looking in the wrong places for people to fill the existing holes in organizations, and offer alternative solutions for the shortage we're facing.

Sponsored by:

HackerOne View details

 
 

Presented by:

Ben Sadephipour, Head of Hacker Education, HackerOne

 
 

3:40 pm - 3:50 pm

Afternoon Networking Coffee Break

 

3:55 pm - 4:20 pm

Executive Exchange

 

Think Tank

Automating Cybersecurity

IT security professionals all face one major issue: being asked to do more, with less resources. Automation and integration are a necessity in order to meet the demands of an organization's security needs.  Managing risk without diminishing the speed and quality of development is achievable by integrating security into agile processes, like DevOps or CI/CD. Since most security teams are understaffed, automated solutions are becoming a requirement, rather than an option to properly manage the ever-increasing workload. 

Takeaways 

  • Automation is required to meet today's security demand
  • DevOps can operate more efficiently with CI/CD 
  • IT security staff are responsible for more than ever

Presented by:

Tim Swope, Chief Information Security Officer, Catholic Health Services of Long Island View details

 
 
 

4:25 pm - 4:50 pm

Share:

Think Tank

Data Governance Across Geopolitical Borders

Technology and globalization have leveled national borders, but there is an emerging trend towards digital protectionism to reinstate those borders. Nation-states are imposing data localization requirements and data governance initiatives that restrict the transfer and storage of data and pose serious questions about data privacy, surveillance and jurisdiction. Enter the post-digital age where the cultural battlelines are drawn in data and technology, and regulations emerging from moves toward digital sovereignty are the next challenge for global companies to navigate.

 
Takeaways:
 

  1. Information governance and security norms are shaped by cultural and geopolitical factors.
  2. Data is no longer a neutral, objective concept; issues of jurisdiction and integrity arise as it is shared across diverse national and legal contexts.
  3. Monitoring, analyzing, and complying with rapidly changing and diverse regulatory scenarios around the globe is the next challenge for CISOs.

Presented by:

Annalisa Fernandez, Intercultural Strategist, Becauseculture View details

 
 
 

4:55 pm - 5:00 pm

Closing Remarks


Presented by:

Liliana Polo-McKenna, CEO, OBT Org.

 
 

5:00 pm - 6:30 pm

Summit Happy Hour