Day One Workshops
November 8, 2017
1:00 PM – 1:50 PM
Track A / Communication Strategies That Deliver Measurable Metrics Between the CISO and the Board
One of the roles of the CISO is to determine risk and then set and enforce policy accordingly. The role has also become increasingly about engaging with upper management and the Board of Directors, convincing them of these risks and where CISOs should invest to mitigate them. And considering the board has a significant voice on the direction of business risk strategies, having them on your side is essential. What type of controls should you have in place and how can one improve on them? What strategies work for such a discussion? What metrics could be presented? How do you articulate this in business nomenclature, and what approaches work better than others?
Wade Baker, Partner & Co-Founder, Cyentia Institute
Jacqueline Johnson, Head of IT Security Architecture, Nordea Bank
Christopher Porter, Chief Information Security Officer, Fannie Mae
David Stender, Senior VP & Chief Security Officer, M&T Bank
Kiersten Todt, President & Managing Director, Liberty Group Ventures, LLC
1:00 PM – 1:50 PM
Track B / Farewell to the Old Guard! (How to Rise Above the Noise by Listening to the Customer’s Problem and Not Focusing on Your Solution When Pitching)
The technologies that we must protect, and the threats that we must protect them from, are all changing at an astonishing rate. The old guard solutions that have been the go-to of industry for the last decade are no longer effective. There are exciting new solutions hitting the market every day, but they often struggle to produce a coherent message and gain traction in the market. What’s more, few CISOs have the time and resources necessary to methodically evaluate emerging tech to determine how it might fit with their strategic plan. In this session, 5 leading CISOs will share how to rise above the noise to get traction with them and perfect your pitch.
Jason Clark, Managing Partner & Founder, 360Velocity
Jon Brickey, Ph.D., Senior Vice President of Security Strategy and Architecture, Mastercard
Ryan Frillman, Director, Information Security and Compliance,
Gary Harbison, Chief Information Security Officer, Monsanto
Matt McCormick, Chief Security Officer, Virtustream
Dustin Wilcox, Chief Information Security Officer, Fortune 100 Healthcare
1:50 PM – 2:40 PM
Track A / How User Behavior Intelligence Can Minimize the Insider Threat Problem
In recent years, organizations with sophisticated security programs have been forced to acknowledge the insider threat. The notable ‘trusted insider’ cases of Reality Winner, Harold Martin and Edward Snowden have put a spotlight on the need for advanced user behavior intelligence and focused insider threat programs. Malicious users, negligent users, and credential thieves pose more risk to the enterprise than ever before, since it’s now harder than ever to control them with perimeter security. Today, enterprises need visibility into user behavior – whether that means seeing if a high-profile employee is departing with sensitive data, or determining the risk of negligent users who may accidentally cause a data breach.
This panel of cybersecurity executives will explore the advantages of employing Advanced User Behavior Intelligence to proactively manage insider threats.
Attendees Will Learn How User Behavior Intelligence Helps:
Christy Wyatt, President & Chief Executive Officer, Dtex Systems
Tom Quinn, Chief Information Security Officer, T. Rowe Price
Alex Romero, Chief Information Security Officer & Director, Cybersecurity Directorate, Defense Media Activity
Dewayne Sharp, Assistant Section Chief, Federal Bureau of Investigation
Rod Turk, Acting Chief Information Officer, U.S. Department of Commerce
A. Spencer Wilcox, Director of Operational Technology Cyber Security, Exelon
1:50 PM – 2:40 PM
Track B / Models For Assessing and Managing Risk Within Your Organization
Every CISO faces an immeasurable number of challenges when it comes to assessing and managing risk within their organization. Today’s attackers are becoming increasingly sophisticated, often learning and innovating faster than the defense can respond. They have seemingly unlimited resources and are unencumbered by rules and compliance regulations. Trying to defeat them can feel like a losing battle.
With security and IT teams running on limited resources, how are CISOs leading their teams to operate as effectively and strategically as possible? How do they navigate the never-ending stream of [seemingly] doomsday vulnerabilities and headline-grabbing breaches? And how do they separate the good from the bad when new miracle solutions are in their face every day?
This discussion will highlight how CISOs are using data and analytics to inform security strategies and product creation, prioritize security measures to efficiently manage risk, and smartly invest time to keep pace with the latest industry news and trends amidst an ever-changing threat landscape.
Tas Giakoumanikas, Founder & Chief Technology Officer, Rapid7
Marianne Bailey, Deputy National Manager, National Security Systems, Department of Defense
Dr. Ray A. Letteer, Chief, Cybersecurity Division, Headquarters Marine Corps/C4
Jillian Munro, Senior VP Enterprise Cybersecurity, Fidelity Investments
Alan Naumann, Chief Executive Officer, Contrast Security
Jeff M. Vinson, VP & Chief Information Security Officer, Harris Health System
2:40 PM – 3:00 PM
3:00 PM – 3:50 PM
Track A / Data in the Blindspot, Insights About Understanding Where Data is Going (or Maybe Already Is)
Data overload is unmanageable, and we need to move from finding the needle in the haystack to finding a needle in a stack of needles. Failure to do so limits understanding and, ultimately, the correct action. The challenge and the opportunity are that critical pieces of data are in front of us, but we are not asking the right questions and assembling the data correctly to identify and maximize it. How do we achieve these goals while at the same time balancing security and privacy? This panel will not discuss technology, but will discuss a continual fundamental shift in thinking around how and why there is a growing need to organize existing and available data to take action. The panelists will cover implementations of this thinking around physical, civil liberties, threat intel and risk.
Jason Zann, Vice President, Head of Platform, RiskIQ
Ann Barron-DiCamillo, Vice President, Cyber Threat Intelligence and Incident Response, American Express
Tim Held, Deputy Chief Information Security Officer, US Bank
Joshua Koplik, Chief Information Security Officer, IAC
Congressman Kevin Yoder, United States Congressman, Kansas, United States House of Representatives
3:00 PM – 3:50 PM
Track B / Artificial Intelligence for Security – Is It All Hype and What is the Factual Maturity of this Space?
At many security conferences, the topics of analytics and AI dominate with their marketing hype and perception of where we are headed, but these terms are thrown around haphazardly and stretched beyond credibility. This panel will attempt to separate the real from the hype through discussing real-world use cases that are taking the most advantage of various AI and analytics techniques. The panel will also dive into the coming challenges and opportunities presented by this evolving space. How will we be able to manage the convergence of Autonomy in Cyber, i.e. AI, robotics, machine to machine communications, visualization and all the associated data that comes with the continuing evolution of technology breakthroughs happening at warp speed? And how well is AI working against the risk at the endpoint?
Bryan Ware, Chief Executive Officer, Haystax Technology
Carey Frey, Vice President, TELUS Security & Chief Security Officer
Laurent Gil, Co-Founder & Chief Product Officer, ZenEdge
Michael Nance, Chief Information Security Officer & Senior Fellow, Lockheed Martin
David Zilberman, Managing Director, Comcast Ventures
3:50 PM – 4:40 PM
Track A / Healthcare Cybersecurity Task Force Report and Escalating Risks to Patient Care
Through our overdependence on undependable IT, we have created the conditions such that the actions of any single outlier can have a profound and asymmetric impact on human life and on economic and national security. We’d like to explore recent attacks like WannaCry and Petya/NotPetya, and the spate of healthcare-specific ransomware against the sector. Using the Healthcare Task Force Report and some recent clinical hacking simulations done at the Cyber Med Summit, we will outline the various challenges and potential solutions for resilient and dependable safety-critical services in what constitutes a sixth of our GDP.
Josh Corman, Chief Security Officer, PTC & Fellow, Atlantic Council
Emery Csulak, Chief Information Security Officer, Centers for Medicare and Medicaid Services, U.S. Department of Health and Human Services
Rep. Jim Langevin, United States Congressman, Rhode Island, United States House of Representatives
MAJ Wm. Bradford Marsh, Madigan Army Medical Center & AEHIS, U.S. Army
Jacki Monson, Chief Privacy and Information Security Officer,
3:50 PM – 4:40 PM
Track B / Accelerating CyberSecurity Innovation Across Government
The public sector needs innovation as quickly as, if not more quickly than, private industry, but policies and processes can slow identification and adoption. Three things are critical to help acceleration: Federal government officials must be provided an opportunity to clearly articulate innovation strategy, industry must be provided an opportunity to engage directly with government officials and communicate what industry has to offer, and decision makers must highlight and work through procurement hurdles that exist between industry and government.
This panel will answer these important questions:
What is the biggest hindrance to technology and CyberSecurity innovation in government and how can these barriers be alleviated?
What steps need to be taken by government and industry to foster a more symbiotic relationship as it relates to CyberSecurity?
Will the current administration continue the work started in the previous administration’s CyberSecurity National Action Plan (CNAP) and CyberSecurity Strategy and Implementation Plan (CSIP)?
What role will the new Office of American Innovation play in Federal IT and CyberSecurity?
How are the Office of Management and Budget, National Security Council, and the Office of American Innovation prioritizing CyberSecurity?
What impact is the recent Cybersecurity Executive Order having on Federal cybersecurity? How might the Executive Order be used to facilitate discussions between industry and government?
Trevor Rudolph, Cybersecurity Fellow, New America
Sean Gallagher, Vice President, In-Q-Tel
Doug Maughan, Division Director, U.S. Department of Homeland Security
Dominic Sale, Deputy Associate Administrator, Information Integrity & Access, GSA
Joe Stuntz, Vice President of Cybersecurity, One World Identity
4:40 PM – 5:30 PM
Track A / Building and Achieving a World Class Incident Response Capability
Effective cyber defenses today need to be resilient to defeat advanced threats. Resiliency includes the ability to quickly and effectively snuff out incidents as they occur: not within weeks or months, but within minutes. A world class incident response capability is required to thread a solution through the myriad of defensive technologies and processes in order to orchestrate a rapid defense. This panel discussion of authorities with broad expertise in government, industry and technology organizations will provide a view of the state of the art in incident response and a visionary look into the future of staying ahead of an increasingly complex cyber threat.
Michael Papay, Chief Information Security Officer, Northrop Grumman Corporation
Devon Bryan, Executive VP & Chief Information Security Officer, The Federal Reserve System
Mary N. Chaney, Vice President, International Consortium of Minority Cybersecurity Professionals
Dario Forte, Chief Executive Officer, DF Labs
Matt Olsen, Co-Founder, IronNet Cybersecurity
4:40 PM – 5:30 PM
Track B / The Next Generation of Cyber Laws and Regulations: Balancing Risk, Innovation and Security in the Digital Economy
This panel will explore the tension between laws/regulations/legal frameworks and innovation and technology. How does our current legal framework impede technology and innovation in industry? What needs to be done to align laws with technology development? How can the justice system facilitate innovation?
John Mills, Director, Cybersecurity Policy, Strategy, International Integration, U.S. Department of Defense CIO
David Hickton, Founding Director, University of Pittsburgh Institute for Cyber Law, Policy, and Security
Samir Jain, Partner, Cybersecurity, Privacy & Data Protection, JONES DAY
Kate Kuehn, Vice President, Wandera
Irv Lachow, Portfolio Manager, International Cybersecurity,
Day Two Showcase
November 9, 2017
7:30 AM – 8:30 AM
Registration and Continental Breakfast
8:30 AM – 5:30 PM
8:30 AM – 8:35 AM
Introductory Remarks by Showcase Host
Rick Geritz, Chief Executive Officer, LifeJourney
8:35 AM – 8:40 AM
Robert Rodriguez, Chairman, SINET
8:40 AM – 9:25 AM
Deterring Adversaries and Mitigating Risks in Cyberspace, From Resilience to Active Defense
Understanding and prioritizing cyber risk investments for improving infrastructure resiliency is essential, as cyber risk is business risk. Resilience, recovery and risk management are key components in delivering an effective strategy for mitigating cyber risk while improving infrastructure and operational resilience. First, how do we strategically align and measure these efforts within an organization while taking into account international standards, regulatory mandated levels of maturity and developing a cyber resilience strategy for both government and industry mission-critical facilities? Second, infrastructure resilience is foundational to any deterrence strategy, but not sufficient. As threats in cyberspace increase in scale and sophistication, what active defense measures should be incorporated into a USG deterrence strategy? What is required of industry? What is required of government? What are the existing obstacles and necessary steps to moving in this direction?
Bob Butler, Senior Vice President, Critical Infrastructure Protection, AECOM Management Services
Rich Baich, Chief Information Security Officer, Wells Fargo
Scott DePasquale, President, Financial Systemic Analysis & Resilience Center
Congressman Will Hurd, United States Representative, 23rd District of Texas
9:25 AM – 9:30 AM
Introduction to SINET 16 Innovators
Dr. Douglas Maughan, Division Director, U.S. Department of Homeland Security
9:30 AM – 9:55 AM
SINET 16 Innovators Present (1-4)
Centripetal Networks, Steven Rogers, Chief Executive Officer
Fireglass, Zach Beiser, Vice President of Marketing &
Haystax Technology, Bryan Ware, Chief Executive Officer
InfoSec Global, Claire Trimble, Chief Strategy Officer
9:55 AM – 10:40 AM
Cloudy Weather in the Forecast – The Evolution of Computing is Dramatically Changing our Technology, Processes and Governance
Computing is advancing at a pace that is hard to comprehend, from quantum computing, to the vast and rapidly expanding complexity of cyberspace, to the accelerating pace of digital transformation, transition to the cloud and beyond. Security must surf this wave, developing new perspectives and capabilities for defense and governance, and ensuring that our future will be secured from the many plagues we are likely to encounter on this mind-boggling journey.
The panel will discuss some of the significant issues we will likely face as computing technology and capabilities advance and provide insight on security innovations that are needed to develop and maintain a secure cyberspace.
Jerry Archer, Senior VP & Chief Security Officer, Sallie Mae
Bob Flores, Co-Founder & Partner, Cognitio Corp
Patricia Muoio, Partner, Sinewave Ventures
Chris Richter, Senior Vice President, Global Security Services, CenturyLink
Jeffrey Schweitzer, Chief Innovation Architect, Verizon Enterprise Solutions
10:40 AM – 11:00 AM
Break and Company Exhibits Open
11:00 AM – 11:40 AM
The CyberSecurity Regulatory Complex: The Secret Laws, Rules and Tactics of Federal Regulators
Securing your environment today is like maintaining an airplane while it is flying. As Congress has set no roadmap as to what compliance looks like and who is running the show, countless agencies have appointed themselves as cybercop. Most industries must adhere to at least two agencies with conflicting requirements. How do you know if you are in compliance? What happens if you are plucked from obscurity and thrust under the regulatory microscope? Why does the FTC fight to keep their security standards secret? How do you know how effectively your organization is spending millions of dollars? Today’s panel will expose the current maze of laws, rules and tactics that you may not want to know, but you really need to know.
The moderator of this panel, Mike Daugherty, is the CEO of LabMD, a cancer testing laboratory. He has spent most of the last decade defending his company against charges that it had deficient cybersecurity practices. The early years of his entering and fighting in Washington, DC, are recorded in his book, “The Devil Inside the Beltway”. In so doing, he has become the only litigant to challenge the basic authority that underlies more than 200 enforcement actions relating to cybersecurity and online privacy that the FTC has brought over the past 15 years. Every one of the 200+ litigants before him – including some of the largest companies in the world – has settled with the FTC, creating an unquestioned and untested belief that the FTC has broad authority to regulate in these areas. Following oral arguments in June 2017 before a panel of the 11th Circuit Court of Appeals, it seems entirely possible that he will prevail. In so doing, he may well topple key pillars of the FTC’s cybersecurity and online privacy edifice, successfully exposing and challenging The Administrative State.
Michael Daugherty, Founder & Chief Executive Officer, LabMD
Tim Callahan, Chief Information Security Officer, AFLAC
Renee Guttman, Chief Information Security Officer, Royal Caribbean Lines
Doug Meal, Partner, Ropes & Gray LLP
Jason Smolanoff, Senior Managing Director & Global Cyber Security Practice Leader, Kroll
11:40 AM – 12:05 PM
SINET 16 Innovators Present (5-8)
iProov, Andrew Bud, Chief Executive Officer
Menlo Security, Gautam Altekar, Co-Founder & Chief Architect
PatternEx, Uday Veeramachaneni, Chief Executive Officer & Co-Founder
Phantom, Erich Baumgartner, Vice President of Field Operations
12:05 PM – 12:25 PM
SINET Thinks Forward with Yanev Suissa, General Partner,
The Future of Innovation, The Role of the Public Sector, and Their Impact on Cybersecurity
The pace of innovation and the scope of its application are both accelerating rapidly. In this session, we will discuss the shifting dynamics in the early stage technology industry, and delve into focus sectors that are on the minds of entrepreneurs, investors, and relevant corporate players. We will also consider the impact these changes will have on the cybersecurity marketplace. And we will investigate the public sector’s role in shifting the risk-reward analysis across sectors and players in cybersecurity and the broader tech ecosystem, both as a consumer of new technologies and as a regulatory hurdle to deployment and growth.
12:25 PM – 1:25 PM
SINET Connects: Networking Luncheon
Maximize this 60-minute luncheon by sitting down in an informal and intimate setting with distinguished security thought leaders and experts. Topics will focus on how solution providers can best shape their business strategies to meet the needs of the market.
1:25 PM – 1:50 PM
Fireside Chat with Kjetil Nilsen, Director General, Norwegian National Security Authority (NSM) and Robert Rodriguez, Chairman & Founder, SINET
Norwegian National Security Authority’s Perspective on Cybersecurity
1:50 PM – 2:15 PM
SINET 16 Innovators Present (9-12)
Prevoty, Kunal Anand, Chief Technology Officer
ProtectWise, David Gold, Vice President of Product Management
ThreatQuotient, Jonathan Couch, Vice President of Strategy
Twistlock, John Morello, Chief Technology Officer
2:15 PM – 3:00 PM
Bringing The Disparate Cultures of IOT Enterprise Technologies and OT Operational Technologies Together
Industrial control systems run the world’s most important critical infrastructures, i.e., energy, aviation, telecom, pipelines, etc. Maintaining interdependency within these communications that are reliant on old legacy systems is a large challenge, as they must work in conjunction with modern internet control systems. In addition, the convergence of physical and digital worlds and associated IOT continues to create larger challenges:
- The internet is anonymous, anyone can access it
- Vendors create devices that connect everyone without authenticity on an already untrusted legacy network
- The Internet was built without security and trust in mind
Once a megatrend gets going, you cannot stop it: Autonomous vehicles, medical devices, the Amazon Effect, drones, blockchain, robotics, and Artificial Intelligence. Success will depend on a communications network comprised of IOT Enterprise technologies and operational technologies (OT) working together, in order for these systems to be trusted and operate securely. This panel will discuss how these two disparate cultures can be brought together.
Galina Antova, Co-Founder & Chief Business Development Officer, Claroty
Greg Crabb, Chief Information Security Officer, Vice President, United States Postal Service
Bob Gourley, Partner & Co-Founder, Cognitio Corp
Gary Johnson, Senior Director, Cybersecurity and Infrastructure, Kansas City Power and Light
Bob Lam, Co-Founder & Chief Strategy Officer, Bayshore Networks
3:00 PM – 3:20 PM
SINET Thinks Forward with Captain Ed Devinney, USN, Director, Corporate Partnerships and Technology Outreach, United States Cyber Command
3:20 PM – 3:40 PM
Break and Company Exhibits Open
3:40 PM – 4:00 PM
SINET Thinks Forward with Dawn Meyerriecks, Deputy Director for Science & Technology, CIA
Machine Learning and the Future of Intelligence
4:00 PM – 4:20 PM
SINET Thinks Forward with Rep. Darrell Issa, United States Congressman, California, United States House of Representatives
4:20 PM – 4:45 PM
SINET 16 Innovators Present (13-16)
vArmour, Faraz Aladin, Senior Director, Product Marketing
Verodin, Greg Kruck, Chief Systems Architect
Versive, Joe Polverari, Chief Executive Officer
Virtru, Brett Dorr, Vice President, Solutions Engineering
4:45 PM – 5:30 PM
The Threat Landscape – Ransomware, Spyware, IOT Malware, Return of the Worm and More, What Future Menaces are on the Horizon?
Equifax, Target, Sony, OPM: when will the attacks stop, or will they stop? What are the most serious threats today, and what can we expect in the near future from the continuing onslaught of the adversaries’ attacks? What processes, models or types of solutions are needed to move the security field forward? These experts will share their thoughts and vision for the near future of challenges and opportunities.
Kim Dozier, Executive Editor, The Cipher Brief & Global Affairs Analyst, CNN
Neil Boland, Chief Information Security Officer, Major League Baseball
Tom Patterson, Chief Trust Officer, Unisys Technology
John S. Rogers, Chief Information Security Officer-Americas, BNP Paribas
Christopher Wlaschin, Chief Information Security Officer, U.S. Department of Health & Human Services
Closing Remarks and SINET 16 Recognition
Robert D. Rodriguez, Chairman & Founder, SINET
5:30 PM – 7:30 PM
SINET Connects: Networking Cocktail Reception & SINET 16 Company Exhibits