Thursday, March 16, 2023
Times subject to change.
7:30 AM – 8:30 AM
Registration and Continental Breakfast
8:30 AM – 5:30 PM
General Session
Hahn Auditorium
8:30 AM – 8:40 AM
Welcome Remarks
Robert Rodriguez, Chairman & Founder, SINET
Rick Geritz, Chairman and CEO, My Journey Technologies
8:40 AM – 9:20 AM
Cyber Insurance: What Does It Look Like Today and Where Will It Be in the Next 2-3 Years?
Abstract: Cyber Insurance is a difficult area for many CISOs to address. As questions regarding the value of cyber policies continue to surface, how sustainable are strict policy terms and conservative pricing for the long term? In addition, what role should the insurance industry play in supporting effective cyber resilience? In this panel we will discuss the current state of Cyber Insurance, and consider as we look to the future, how collaboration and partnerships between the insurance industry, government and Risk Executives may be able to reduce systemic cyber risk, thus changing the landscape of heightened risk management and the overall role of cyber insurance.
Panelists:
Edna Conway, VP, Security & Risk Officer, Azure Hardware Systems & Infrastructure, Microsoft
Deanna Muran de Assereto, Managing Director – Deputy Chief Security Officer, OCC
Susan Chiang, Deputy Chief Information Security Officer, Cloudflare
Nikhil Kalani, VP & Chief Information Security Officer, The Reynolds and Reynolds Company
Scott King, VP, CISO, Encore Capital Group
9:20 AM – 10:00 AM
What Past Geo-Political Events Can Teach Us About Current and Future Cyber Threats
Abstract: Risk Executives have had numerous responsibilities and pressures prior to, during, and after Covid. Now with the war in Ukraine, the increasing volatility with China, and other concerns with Iran, South Korea, and other nonfriendly U.S. nations, they must stay abreast of geo-political matters indirectly or directly affecting our supply chains, increasing state-sponsored attacks, and in particular for multinational conglomerate corporations who have holdings in foreign nations. BODs will also be looking for sage counsel on how to best manage risk amongst these growing concerns.
Moderator:
Lawrence Zelvin, EVP, Financial Crime – Cyber, Fraud, Physical Security and Crisis Management, BMO Financial Group
Panelists:
Shawn Henry, Chief Security Officer, CrowdStrike
Andres Andreu, SVP, Chief Information Security Officer, 2U
Carey Frey, Chief Security Officer & Vice President, TELUS
Ann Johnson, Corporate Vice President of Microsoft Security Business Development, Microsoft
Rob Knake, Deputy National Cyber Director for Strategy and Budget, Office of the National Cyber Director, White House
10:00 AM – 10:40 AM
The Advanced Sophistication of Attacks in the Last Year: What’s Next?
Moderator:
Selim Aissi, Global Chief Information Security Officer, Blackhawk Network
Panelists:
Jon Miller, CEO & Co-Founder, Halcyon
Allen Wilson, Chief Information Security Officer, AXIS Capital
Upendra Mardikar, Chief Information Security Officer, TIAA
David Tsao, Chief Information Security Officer, Instacart
Ken Ricketts, Chief Information Security Officer, Coupa Software
10:40 AM – 10:50 AM
Break
10:50 AM – 11:30 AM
Benefits and Challenges of IT & OT Convergence
Abstract: Converging IT and OT security is no longer an option to properly defend corporate industrial networks; it is a requirement. Companies not actively embracing a holistic, converged security model are finding it increasingly expensive to obtain cyber insurance and are likely to soon find policies unobtainable.
The principal target of sophisticated attackers is OT/ICS for critical infrastructure. IT and OT are usually connected in some way. Ensuring there are no gaps in defenses is essential (for example: Typical to patch effectively in IT, but patch much less effectively in OT).
Moderator:
Brian Harrell, VP & Chief Security Officer, Avangrid
Panelists:
Adam Lee, Vice President, CSO, Dominion Energy
Jamey Sample, Vice President and Chief Security Officer, Xcel Energy
Mario Garcia, Cybersecurity State Coordinator for California, Cybersecurity and Infrastructure Security Agency (CISA), U.S. Department of Homeland Security
Guy Delp, Vice President, Global Information Security, Pfizer
Kevin Walker, Chief Security Officer, Procore Technologies
11:30 AM – 12:10 PM
Supply Chain Security: Real-World Strategies for Cyber Risk Management of 3rd and 4th Parties
Abstract: The importance of supply chain risk management continues to increase in its criticality across industries, especially in the wake of recent third- and fourth-party attacks that have highlighted the need for software assurances as well as a deep understanding of the inner workings of what goes into software. But beyond software itself, service providers, trusted partners, and the ecosystems they belong to form a web of interconnected relationships that introduce risk when one of those links are compromised. Through real-world examples and industry best practices, this panel will leave attendees with a better understanding of how to build more resilient supply chains.
1. How can organizations effectively assess their third- and fourth-party vendor ecosystem and identify supply chain dependencies?
2. What are trends in supply chain attacks and what defense strategies have proven effective?
3. How can organizations build an effective culture of security within their supply chain organization and vendor ecosystem?
4. How can organizations gain assurances from their third- and fourth-party vendor ecosystem and what is the current and future value of independent certifications?
Moderator:
Marc Sorel, Partner, McKinsey & Company
Panelists:
Brendon Stoner, Sr. Director; Head of Security and Privacy Risk and Compliance, HERE
Jim Eckart, Chief Security Advisor, Microsoft
Chris Lugo, VP, Chief Information Security Officer, Blue Cross Blue Shield Association
Jonathan Chow, Chief Information Security Officer, Genesys
Jerry Archer, SVP/Chief Security Officer, Sallie Mae Bank
12:10 PM – 12:25 PM
Fireside Chat with Ken Taylor: Buyer, Seller and VC – The Road to Investment Banking on Wall Street
Abstract: Trust. People, process, and profit.
Ken Taylor has had the great fortune to work within the military, the defense, system integration, and startup community as well as the capital markets. One constant remains true – the relationships built on past performance and truth have allowed all of us to be in the positions we sit in today. We guard those friendships, those bonds with similar, like-minded, mission-oriented professionals, as they underpin the group we are proud to say we are part of. Those colleagues are our digital ground truth.
Speakers:
Ken Taylor, Vice Chairman, Cyber Security, Investment Banking, Cohen & Company Capital Markets
Robert Rodriguez, Chairman & Founder, SINET
12:25 PM – 1:15 PM
Lunch
1:15 PM – 1:55 PM
Corporate Architecture of the Future: Bring Your Own Network, Asset, Application, Service – Where is Security Focused?
Moderator:
Jimmy Sanders, Information Security, Netflix
Panelists:
Caleb Sima, Chief Security Officer, Robinhood
Alex Lisle, Chief Technology Officer, Hubble
Juan Piacquadio, CIO & VP, Information Services, Phlow Corporation
Al Ghous, Chief Information Security Officer, Snapdocs
Pathik Patel, Head of Cloud Security, Informatica
1:55 PM – 2:35 PM
Cyber Resiliency Using AI and ML: Advantages and Manipulation
Moderator:
Dr. Adele Merritt, Chief Information Officer, Intelligence Community, Office of the Director of National Intelligence
Panelists:
Friedrich Wetschnig, CISO & Chief Data Privacy Officer, Flex
Vijaya Kaza, Chief Security Officer, Head of Engineering for Trust & Safety, Airbnb
Mario Vuksan, CEO, ReversingLabs
Beth-Anne Bygum, SVP, Chief Security and Compliance Officer, Acxiom
2:35 PM – 3:15 PM
Leveraging SaaS to Accelerate Discovery, Identity, and Access Control Towards a High-Performance Business IT Outcome
Moderator:
Nelson Soares, Founder, President & CEO, C-Vision International
Panelists:
Sangram Dash, Head of CyberSecurity, CDK Global
Leda Muller, Chief Information Security and Privacy Officer, Stanford University, Residential and Dining Enterprises
Piyoush Sharma, Head of Enterprise Security & Technology Operations, Zuora
Aaron Miller, Solutions Architect, Salt Security
Rick Patterson, EVP, Chief Information Security Officer, CLEAR
3:15 PM – 3:25 PM
Break
3:25 PM – 4:05 PM
AI, Cloud, and Digital Transformation to Support and Protect Healthcare Providers in Realtime
Abstract: The healthcare industry presents a particular set of best practices for Cyber professionals. Join these Risk Executives in healthcare for a transparent conversation covering the unique responsibilities, challenges, and opportunities of Cybersecurity in healthcare, including:
– The challenges of ransomware from a healthcare perspective
– AI and ML in healthcare consumer technology: what the future holds and how to leverage data in a safe and viable manner to aid caregivers in real time
– How healthcare is reacting to the recession
– Implications of new SEC regulations and requirements in healthcare
– Why data privacy concerns are different in healthcare than in other sectors
Moderator:
Javier Gonzalez, Former CISO, Barclays Mexico
Panelists:
Esmond Kane, Chief Information Security Officer, Steward Health Care
Justin Heyl, Director, Enterprise Risk Management, Baxter International
Rob Wood, Chief Information Security Officer and Director of the Information Security and Privacy Group, Centers for Medicare & Medicaid Services (CMS)
Eddie Borrero, Vice President and Chief Information Security Officer, Blue Shield of California
Adam Zoller, Chief Information Security Officer, Providence Health
4:05 PM – 4:45 PM
The Evolving Relationship Between The CIO and CISO
Abstract: The purpose of the session is to invite CIOs from disparate industries to discuss 1) the CIO/CISO relationship, 2) tech trends such as digital transformation, innovation in austere times, APIs, etc. and 3) security takeaways from the perspectives of CIOs.
Moderator:
Rajeev Chand, Partner & Head of Research, Wing Venture Capital
Panelists:
Mike Pfeffer, Chief Information Officer, Stanford Health Care
Greg Lavender, Senior Vice President, Chief Technology Officer, Intel
Sri Shivananda, Chief Technology Officer, Paypal
Monika Nerger, Group Global Chief Information Officer, Mandarin Oriental Hotels
Deepali Bhoite, Chief Information Security Officer, Anaplan
4:45 PM – 5:25 PM
Enhancing Critical Infrastructure Protection Through a Zero Trust Model
Abstract: The concept of Zero Trust dominates conversations across the security landscape and has even become part of the federal government’s focus through President Biden’s ‘Executive Order on Improving the Nation’s Cybersecurity’ and OMB Memorandum M-22-09, ‘Federal Zero Trust Strategy’. This panel discussion will highlight the nexus between the three disciplines of IT, OT, and physical security in the pursuit of zero trust across the 16 defined critical infrastructure sectors. Employing the concept of ‘never trust, always verify’, without addressing security in all three disciplines is a strategy doomed to fail and this panel of experts will discuss how zero trust can be effectively employed in critical infrastructure environments.
Moderator:
Mark Weatherford, Chief Security Officer and SVP of Regulated Industries, AlertEnterprise
Panelists:
Casper Eloff, Head of Corporate Security, The Mosaic Company
Michael Makstman, Chief Information Security Officer, City & County of San Francisco
Vivek Khindria, SVP Cyber Security, Network, and Technology Risk, Loblaw Companies
Brian Reed, Chief Mobility Officer, NowSecure
Terry O’Daniel, Acting Head of Security, Amplitude
5:25 PM
Closing Remarks
5:30 PM – 7:00 PM
General Reception