IN-PERSON

San Francisco CISO Executive Summit

June 13, 2018 | Crowne Plaza Foster City/San Mateo

June 13, 2018
Crowne Plaza Foster City/San Mateo

Governing Body Agenda Location Partners Contact

Governing Body Co-Chairs

Colin Anderson

Levi Strauss & Co.
Global CISO

Eddie Borrero

Robert Half
CISO

Krishnan Chellakarai

Gilead Sciences, Inc.
Sr. Director, IT Security & Privacy

George DeCesare

Kaiser Permanente
SVP, Chief Technology Risk Officer

Peter Liebert

State of California-California Department of Technology Services
CISO

Steve Martino

Cisco Systems, Inc.
VP, CISO

Steven Young

Blue Shield of California
CISO, VP

Agenda

June 13, 2018

morning mid-afternoon afternoon

7:00am - 7:45am Registration & Breakfast

8:00am - 8:50am Keynote

The Power of Habit

Charles Duhigg

Pulitzer Prize Winning Reporter and Author, "The Power of Habit"

Charles Duhigg explores the science of habit formation, illustrating why we do what we do and how we can change it. Duhigg explains why the most powerful habits have emotional cores, and how tweaking even one habit can have staggering effects. Duhigg draws from a number of current case studies—including the success of Febreze, how Starbucks trains employees in willpower habits, and how organizational habits contributed to a tragic subway fire.

8:50am - 9:20am Networking Break

9:20am - 10:10am Breakout Session

Solutions for Security Practitioners

Maxime Rousseau

Chief Information Security Officer

Personal Capital Corporation

Talha Tariq

CISO

Anki

David Tsao

Global Information Security Officer (CISO)

Veeva

Ody Lupescu

Head of Information Security

Earnest (Navient)

What are your greatest challenges to your information security program? This panel of CISOs, led by Ody Lupescu at Earnest (Navient), answers questions posed in advance by the audience. Discussing tweaks to traditional information security, upcoming developments, and collaboration among security professionals, this panel candidly finds solutions to today’s security problems.

9:20am - 10:10am Breakout Session

Defending Against the Invisible Risk with Artificial Intelligence

Ladi Adefala

Senior Security Strategist

Fortinet, Inc.

Cyberthreats are everywhere. It is challenging enough to stay ahead of the criminals when they utilize known methods and attack vectors. What happens when you can’t see the attack? How do you defend your organization against the unknown threat? Join Ladi Adefala and discover how artificial intelligence (AI) and machine learning can help you gain visibility and mitigate risk. Adefala explores how to tip the security odds in your favor and strengthen your defenses, before threat actors themselves begin to employ AI-based tools in their attack strategies.

9:20am - 10:10am Executive Boardroom

Securing the Virtual Data Center with Predictive Analytics

Al Ghous

Sr. Director, Cyber Security

General Electric Company

Rick McElroy

Security Strategist, R&D

Carbon Black

How do you scale security in the cloud without compromise? As organizations go into a majority cloud environment, priorities change – often at the expense of increased risk to an ever-changing environment where employees expect “instant gratification” and access to data anywhere, anytime. Join this peer dialogue to discuss how the definition of endpoint shifts when you’re working in a virtual environment – and how behavioral threat detection can stop emerging threats in the shift to 100% cloud.

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs).

To reserve your seat, please contact: Greg Winterrowd at 971-717-6628 or Greg.Winterrowd@evanta.com.

10:10am - 10:40am Networking Break

10:40am - 11:30am Breakout Session

Informing and Influencing the Board on Cybersecurity

Lori Varlas

SVP & CFO

Hitachi Vantara

Security executives experience a host of challenges when presenting to the board. The inherent complexity of security technologies make it challenging to formulate clear ideas in business terms to the board. It is a fine line for CISOs to balance between “Fear, Uncertainty and Doubt”, “the sky is falling” messages and a constructive risk management and business enablement message. How do you create the right metrics and then properly translate that into board terminology? Lori Varlas, SVP and CFO of Hitachi Vantara, shares how to tailor security reporting to the board. From the perspective of the finance office, Varlas provides insight on how to convey technical security risks into business or financial risks in the most pertinent manner.

10:40am - 11:30am Executive Boardroom

The Influencers Circle

10:40am - 11:30am Executive Boardroom

Navigating the Moving (or Missing) Needle of Identity

James August

CISO

University of the Pacific

Sankara Shunmugasundaram

Principal Security and Compliance Officer

AppDirect

Abbas Rangwala

SVP, Solutions

Saviynt

With the continued emergence of SaaS solutions, CISOs face emerging challenges in identity governance and administration (IGA). In particular, CISOs struggle to gain visibility end-to-end, making it impossible to manage what you can’t see. What challenges are your peers experiencing in navigating IGA in hybrid IT environments and how are they overcoming them? What do CISOs see in their future of IGA? Join this interactive session to discuss challenges and exchange best practices around IGA as CISOs adapt to rapidly changing business demands.

To reserve your seat, please contact: Greg Winterrowd at 971-717-6628 or Greg.Winterrowd@evanta.com.

11:30am - 12:00pm Networking Break

12:00pm - 1:10pm Keynote

How Security Leaders Can Integrate Evolving Technology

George DeCesare

SVP, Chief Technology Risk Officer

Kaiser Permanente

Advances in technology are encouraging security leaders to adapt. As the definition of the perimeter of protection continues to change, security is pushed to evolve and include real time solutions. George DeCesare shares how tools such as machine learning and artificial intelligence are making an impact, and how CISOs can develop a strategy to adjust to the new age. With both conceptual and practical examples of technology, DeCesare defines how executives can face the next wave of threats amidst a shifting environment.

1:10pm - 1:40pm Networking Break

1:40pm - 2:30pm Breakout Session

Are We Secure? Answering the Unanswerable

Justin Berman

CISO

Zenefits

What does secure look like? Is it compliance with regulation? Best practice adherence? Does any of that make any difference to an adversary? Security teams need clear tools to measure the effectiveness of controls they deploy to stop the adversaries they face every day. Justin Berman, CISO at Zenefits, outlines an approach and a practical methodology for delivering scalable test oriented security that helps your controls evolve where they most need to.

1:40pm - 2:30pm Executive Boardroom

Managing the Web of Data Protection and Global Regulation

Gary Coverdale

CISO

Mono County

Kannan Perumal

Chief Information Security Officer

Applied Materials

Miller Newton

President and CEO

PKWARE, Inc.

Organizations have scrambled to meet the data protection regulations set forth by the EU, taking effect on May 25^th, 2018. Now that GDPR has taken effect, where does your organization stand – and what’s next for meeting requirements? This roundtable discussion explores meeting compliance as regions around the world set their own data protection standards and regulatory requirements, leaving CISOs to struggle to protect a complex global network. Join this interactive discussion with peers on how to create a unified data protection and compliance strategy.

To reserve your seat, please contact: Greg Winterrowd at 971-717-6628 or Greg.Winterrowd@evanta.com.

2:30pm - 2:50pm Networking Break

2:50pm - 3:40pm Breakout Session

The CISO Journey – Building Your Professional Brand

Michael Wilson

SVP & CSO

Molina Healthcare, Inc.

You’ve made it to the C-suite – where do you go from here? How can CISOs effectively build their professional brand as the CISO role continues to evolve? Michael Wilson, CSO at Molina Healthcare, leads this interactive roundtable discussion on career progression and growth for CISOs. Join to discuss with peers on how you can grow the impact of your existing role, leverage your skills and further develop yourself to take the next step in your career.

2:50pm - 3:40pm Executive Boardroom

Outsmart the Agile Enemy

Glen Carson

CISO

California Natural Resources Agency

Jeff Klaben

CISO

SRI International

Sig Murphy

Managing Director, Incident Response and Forensics

Cylance

As the scourge of Ransomware demonstrates, cyber criminals are constantly sharpening their toolset and evolving their methodology. While today’s security leaders focus strategies on this particular menace, there is certain to be a more insidious threat ready to take its place. In this arm’s race, CISOs must embrace the same adaptability as their enemies, creating programs both robust enough to protect critical data and flexible enough to nimbly respond to and anticipate rapid change. In this conversation, you and your peers will examine the shifting nature of the threat landscape and explore avenues to greater awareness, protection and agility in the age of the breach.

To reserve your seat, please contact: Greg Winterrowd at 971-717-6628 or Greg.Winterrowd@evanta.com.

3:40pm - 4:00pm Networking Break

4:00pm - 4:40pm Keynote

Integrating Security into the Product Roadmap

Subra Kumaraswamy

VP, Cybersecurity

Visa

How can security leaders balance the integration of security controls into a product without impeding development? Subra Kumaraswamy, VP, Cybersecurity, of Visa, Inc., shares successful approaches to building security into products in an automated way throughout the technology development’s lifecycle. Kumaraswamy uses the example of ShiftLeft, an approach that involves empowering developers by engaging them early in the lifecycle. This enables a more agile approach to design and development, identifies issues early, decreases development costs and enables developer’s growth.

4:40pm - 5:00pm Closing Reception & Prize Drawing