IN-PERSON

Detroit CISO Executive Summit

November 12, 2019 | The Westin Book Cadillac Detroit

November 12, 2019
The Westin Book Cadillac Detroit

Governing Body Agenda Location Partners Contact

Governing Body Co-Chairs

Martin Bally

American Axle Manufacturing
CISO

Derek Benz

Ford Motor Company
CISO

Brent Cieszynski

Blue Cross Blue Shield of Michigan
VP & CISO

Earl Duby

Lear Corporation
VP & CISO

Russ Gordon

BorgWarner
CISO

Mauricio Guerra

Dow
CISO & Director, Global Information Security

Fred Killeen

General Motors
CISO

Tabice Ward

DTE
Director & CISO

Erik Wille

Penske Automotive
Head of Information Security

Agenda

November 12, 2019

morning mid-afternoon afternoon

6:30am - 7:30am Networking Break

7:00am - 7:45am Registration & Breakfast

7:45am - 8:00am Opening Comments

8:00am - 8:30am Keynote

Preparing for Tomorrow’s Big Security Trends

Martin Bally

CISO

American Axle Manufacturing

Bridget Kravchenko

CISO

Meritor

Angela Williams

Director of Enterprise Information Security

Blue Cross BlueShield of Michigan

Russ Gordon

CISO

BorgWarner

With 2019 drawing to a close, it is time for CISOs to start preparing for what coming in 2020. However, the future threat landscape is as difficult to predict as a cyber-attack. Join this panel of your peers as they dive into security trends to expect in the new year.

In this keynote, you will explore:

Lessons learned in 2019
Strategies to protect against the evolving security landscape
Key insights into future cyber trends

8:30am - 9:00am Networking Break

9:00am - 9:50am Breakout Session

Expanding the Talent Pipeline

Tabice Ward

Director & CISO

DTE

Angela Williams

Director of Enterprise Information Security

Blue Cross BlueShield of Michigan

Growing the security talent pool will require CISOs to get creative in how they develop and deploy talent. In this interactive session, you will:

Hear from member of the community who is working to solve the gap
Brainstorm recruitment and retention strategies
Determine strategies to connect organizations to the talent pipeline

9:00am - 9:50am Breakout Session

Prepare for a Major Cyber Attack

Drake Sadler

Director, Global IT Security

DexKo Global

Most CISOs feel comfortable managing the minor security incidents with standardized processes, but what about major incidents that shake the very foundation of your organization like the NotPETYA attack? Such crises can be career changing.

Join this workshop to:

Learn the basic building blocks of effective cybersecurity crisis response
Share challenges and best practices in managing major security events
Benchmark against your peers and identify lessons learned

9:00am - 9:50am Executive Boardroom

Cyber-Risk Management — New Approaches for Reducing Your Cyber-Exposure

John Beeskow

CISO

Chemical Bank

Pamela Hensley

Director, Information Security

AAA Life Insurance

Keith Textor

VP, Global Professional Services

Tenable

When it comes to reducing cyber exposure, overcoming vulnerability overload is critical. Find out how to improve your vulnerability management efforts so you can close your cyber exposure gap and focus on what matters most to your business.

During this peer discussion, you will explore how to:

Translate raw vulnerability and threat intelligence data into business insights
Benchmark your organization’s cyber exposure to guide decision making
Use threat intelligence to move the most dangerous vulnerabilities up your priority list

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to C-level executives). To reserve your seat, please contact Kenzie Howard at Kenzie.Howard@evanta.com or 971-978-5041.

9:50am - 10:20am Networking Break

10:20am - 11:10am Breakout Session

Digital Risk Explosion — Managing Risk in a Hyper-Outsourcing World

Peter Kobs

EVP

RiskRecon

Digital transformation has dramatically transformed the enterprise risk surface, automating a vast array of processes while outsourcing a vast array of systems and services. Through this frenetic reshaping, few organizations truly understand the nature of their new risk reality and how to successfully manage it.

In this interactive discussion we will:

Explore the true nature of the enterprise cyber risk surface
Discuss threats and regulations driving organizations to better manage their extended enterprise
Share insights on how to better manage third-party risk (hint: good data!)

10:20am - 11:10am Breakout Session

Secure Product Design Lifecycle for Connected Vehicles

Lisa Boran

Manager, Vehicle Cybersecurity

Ford

As vehicles continue to evolve the benefits of increased automation and connectivity are plentiful. Nevertheless, these new conveniences and performance technologies come with new risk and attack surfaces. Join, Lisa Boran as she explores cybersecurity implications that are associated with connected vehicles, specifically:

The importance of automotive cybersecurity
Approaches the automotive industry is taking to ensure security
Regulatory requirements that are on the horizon

10:20am - 11:10am Executive Boardroom

Data Governance and Unstructured Data Security and Privacy

Travis Bray

Director, Global Information Security

Magna Powertrain Inc.

Daren Fairfield

CISO

Whirlpool Corporation

John Herring

CEO

Fasoo

Organizations are challenged with how to implement data governance security and privacy requirements across their growing inventory of unprotected unstructured data. Unstructured data in the form of sensitive documents including intellectual property and PII is the “wild west” of data security and privacy as it travels freely internal and external to the organization. In this boardroom, get answers to the most pressing questions, including:

How to gain visibility into high risk areas?
What controls and policies should be in place to protect unstructured information assets while maintaining compliance?
What emerging methods, strategies and best practices for unstructured data security and privacy exist?

11:10am - 11:40am Networking Break

11:40am - 12:20pm Lunch & Comments

12:20pm - 12:50pm Keynote

Talk the Talk — Gaining Executive Support

Preston Jennings

VP Information Security & CISO

Trinity Health

Effective communication isn’t just important when approaching the board – it’s important when approaching senior leaders and employees. Preston Jennings knows that gaining buy in from the board is much easier when you already have leadership and employee support.

In this session, you’ll learn strategies to:

Communicate your message at different levels of leadership
Give senior leaders visibility into your security program
Present appropriate executive level staff and board metrics

12:50pm - 1:20pm Networking Break

1:20pm - 2:10pm Breakout Session

Strategies for Securing CDO-CISO Collaboration

Sankar Bala

SVP, Chief Data Officer - Enterprise Data Management

Flagstar Bank

Joshua Jaffe

Global CISO

Mercedes-Benz Financial Services

CDOs and CISOs often have conflicting goals regarding data — one wants to glean insights from it, while the other wants to protect it. How can you enable a data-driven business while still safeguarding valuable information?

In this session, CDOs will discuss:

Strategies for CDO and CISO collaboration
What questions CISOs should be asking their CDOs
How to effectively manage data

1:20pm - 2:10pm Breakout Session

SOAR Above Security Challenges

Augusto Barros

VP Analyst

Gartner

Between skills shortages, the escalating sophistication of threats and alert overload, cybersecurity automation is a must. Augusto Barros demystifies ways CISOs can apply orchestration and automation technologies to increase security operations effectiveness and reduce alert fatigue.

Gain best practices-driven insight into:

How organizations are leveraging SOAR tools to improve their incident response practices
Determine where and how to automate, and what are the prerequisites to make it work
Ways to evolve and scale your playbooks as the threat landscape changes

1:20pm - 2:10pm Executive Boardroom

Next-Generation Cloud Security

Arun DeSouza

Chief Information Security & Privacy Officer

Nexteer

Earl Duby

VP & CISO

Lear Corporation

Sean Cordero

VP, Cloud Strategy

Netskope

As organizations increasingly turn to cloud-based services to enable the next phase of digital transformation, security leaders face the challenge of ensuring the enterprise’s data remains secure. Join this session to learn the emerging best practices your peers employ to secure the cloud, including:

Automation, orchestration, AI and machine learning strategies
Information governance in the cloud
Ways to incorporate the cloud into a fully articulated security strategy

1:20pm - 2:10pm Breakout Session

Office Hours with Chris Ulrich

Chris Ulrich

Body Language Expert & Political Consultant

Author & Thought Leader

What does your body language say about you? What shifts might you make to change how others perceive you? Join this special one-on-one 25-minute session exclusively for Governing Body members with body-language expert, Chris Ulrich for candid feedback on your in-person and online body language. Sessions are 25-minutes and pre-registration is required.

Please contact Rebecca Bell, Content Manager, at rebecca.bell@evanta.com if you are interested in this exclusive session.

2:10pm - 2:30pm Networking Break

2:30pm - 3:20pm Breakout Session

Maturing Your SOC

Alex Padilla

Interim CISO & Director, SOC

Domino's Pizza

As cyberattacks get worse security operation centers need to stay ahead of these evolving threats. No one understands that better than Alex Padilla, who has matured Domino’s SOC from a level one to a level four center.

In this session he will share:

The importance of staffing your SOC effectively
Strategies to show that your SOC enables the business
How to move beyond technology and focus on people and processes

2:30pm - 3:20pm Executive Boardroom

Regulation & Privacy — Beyond GDPR

Zahira Gonzalvo

SVP, Chief Information Security & Privacy Officer

Flagstar Bank

Homyar Naterwala

Head of Cyber Security

GE Capital

Since its enforcement date, GDPR has changed the way CISOs think about privacy risk management. In addition, it became a catalyst for new data protection laws and regulation. Compare best practices for your industry, business and regulatory environment in this interactive discussion, including:

How to interpret the implications of regulatory requirements
Strategies to stay ahead of ever-changing privacy regulations
Methods to optimize your data privacy program

3:20pm - 3:40pm Networking Break

3:40pm - 3:50pm Closing Comments

3:50pm - 4:20pm Keynote

Executive Presence for Lasting Leadership

Chris Ulrich

Body Language Expert & Political Consultant

Author & Thought Leader

Any given gesture — a nod, a point of the finger — unconsciously communicates powerful ideas and feelings that have tangible consequences. Top executives are generally proficient in their ability to interact with others, but the stakes are raised during high-level negotiations, reporting to the board, inspiring and empowering senior managers or dealing with tricky internal matters.

Join body language expert Chris Ulrich as he shares: