IN-PERSON

Washington, DC CISO Executive Summit

November 19, 2019 | Marriott Marquis, Washington DC

November 19, 2019
Marriott Marquis, Washington DC

Governing Body Agenda Location Partners Contact

Governing Body Co-Chairs

Sam Abbate

Northrop Grumman Corporation
Vice President and Chief Information Officer

Ted Colbert

Boeing
CIO & SVP

Jim Connelly

Lockheed Martin
VP & CIO

Mike Gordon

Lockheed Martin
VP & CISO

André Mendes

US Department of Commerce
Acting CIO

Shamim Mohammad

CarMax
SVP & CIO

Christopher Porter

Fannie Mae
CISO

Agenda

CISO AGENDA CIO AGENDA

November 18, 2019

afternoon

November 19, 2019

morning mid-afternoon afternoon

6:00pm - 8:30pm Governing Body Welcome Reception

Governing Body Welcome Reception

Governing Body members host this dinner to launch the event with an evening of peer networking.

7:00am - 7:45am Registration & Breakfast

7:45am - 8:00am Opening Comments

8:00am - 8:30am Keynote

Adaptive, Innovative and Dependable — The DoD’s Modernization

Jack Wilmer

Deputy CIO for Cybersecurity and CISO

U.S. Department of Defense

As one of the nation’s largest employers with business operations in almost every industry, the Department of Defense is operating one of the world’s most complex set of networks. IT is a critical enabler for the command and control of forces executing warfighting operations, management and protection of information assets. Jack Wilmer will outline how the DoD is finding the way forward to a more secure, effective and efficient digital environment.

In this keynote, you will hear about:

Innovating for a competitive advantage
Evolving cybersecurity for an agile and resilient defense posture
Cultivating talent for a digital workforce

8:30am - 9:00am Networking Break

9:00am - 9:50am CIO & CISO Featured Session

Cyber Governance and Regulation in the Enterprise

Tim Callahan

Global Chief Security Officer

Aflac

David Shive

CIO

GSA

Cybersecurity regulation can be a divisive topic and the government’s role regarding information security is often led by two primary factions: one side that welcomes regulations and another that rejects government interference. Where do you stand?

In this co-presentation, you will hear:

What’s being said and done on the hill
When you should start preparing for regulatory shifts
How different opinions are influencing cyber legislation

9:00am - 9:50am CIO & CISO Featured Session

A Governance Perspective – Attack and Failure Surfaces

Keith Rayle

Strategist

Fortinet, Inc.

The ability for cybercriminals to attack increasingly complex and disparate architectures has become a simplified exercise in picking and choosing the easiest targets. Are we, as a profession, simply magnifying this issue by creating silos of security? Keith Rayle from Fortinet will provide insight into the challenges of governance and how security professionals can reduce the attack surface of controls and protection mechanisms.

Join this session to learn about:

Governance challenges of today and how they mirror the past
The disappearing towers – where did my highly visible IT business operations go?
The increasing complexity of IT and how it assists cybercriminals

9:00am - 9:50am CISO Executive Boardroom

Modernize and Containerize

Amy Claire Smith

Executive Cloud Security Architect

IBM

Michael Castagna

CISO

Navient

John Skudlarek

Acting CIO

Federal Communications Commission

The next wave of cloud involves multiple environments, which begs the question: how do you securely orchestrate various architectures and policies? This session will address risk best practices, like containers. Join this peer-led discussion about scalability and integrated security testing.
In this boardroom, you’ll explore:

Privacy concerns in containerized applications
Servers and containers as the new mainframe
Freedom and flexibility with containers

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs). To reserve your seat, please contact your event Jordan Guess at 971-717-6668 or Jordan.Guess@evanta.com.

9:50am - 10:20am Networking Break

10:20am - 11:10am CISO Featured Session

Journey to the Cloud — A Benchmarking Session

Zachary Brown

CISO

Federal Deposit Insurance Corporation

Shaun Khalfan

VP, Information Security

Freddie Mac

Justin Black

CTO

United States House of Representatives

Many security leaders face the challenge of securing a blend of on-premises and cloud services, and achieving a seamless strategy addressing both is no small task. Find out how you compare to your peers and share your lessons learned in this collaborative session.

In this session, you’ll compare:

Successes and challenges during cloud migration
Governance best practices for data and users
Benefits and pitfalls of hybrid infrastructure

10:20am - 11:10am CISO Executive Boardroom

Modern Approaches to Protecting Your Third-Party Ecosystem

Scott Schneider

Chief Revenue Officer

CyberGRX

Stacey Halota

VP, IS & Privacy

Graham Holdings

Gayle Guilford

CISO

City of Baltimore, Maryland

It's no secret that hackers are opportunistic. They are constantly looking for the weakest link and are quick to capitalize on one as soon as it's spotted. This boardroom will discuss:

Third-party cyber risk best practices
New strategies for third-party cyber risk management (TPCRM) and how they work
How to scale your third-party risk management (TPRM) program to evolve with your ecosystem

11:10am - 11:40am Networking Break

11:40am - 12:20pm Lunch & Comments

12:20pm - 12:50pm Keynote

Achieve 100% Analytics Adoption with a New Class of Enterprise Intelligence

Michael Saylor

President, Chairman of the Board & CEO

MicroStrategy

Despite having access to a wealth of data, enterprises still struggle to effectively deliver trusted insights to the entire workforce—preventing them from realizing the full value of their data investments. Overcoming this challenge takes pervasive adoption of trusted analytics.

This session will cover:

Mastering the next wave of Enterprise Intelligence with zero-click analytics
Empowering your workforce to get more from tools they use, every day
Using mobile productivity apps to impact every business role and function

12:50pm - 1:20pm Networking Break

1:20pm - 2:10pm Breakout Session

The C-Level Mandate for Secure Cloud Transformation

Stan Lowe

Global CISO

Zscaler

IT leaders commonly face two opposing pressures: an external push to “lift and shift” everything to public cloud, and an internal pressure to maintain legacy IT “hardware-defined” architectures.

In this session, you’ll learn:

How to use ROI and TCO as building blocks for a compelling business case
Tips on creating your story to drive consensus
How to tie disruptive technology into the broader business case

1:20pm - 2:10pm CISO Executive Boardroom

Cyber Resiliency — Evolving Your Cyber Ecosystem

Casey Getz

Head of Cyber Strategy and Enterprise Architecture

Rolls-Royce North America

Jeremy Dold

Director, Global Security and Privacy, Information Security Officer

Liberty Mutual Insurance

Bruce Potter

CISO

Expel

Richard Friedberg

Chief Security Officer

Blackbaud

Managing and mitigating risk is a complex undertaking that spans phishing to networking monitoring. Faced with increasingly complex and sophisticated threats, CISOs must be strategic about improving their resilience and tracking improvements.
Join this boardroom to discuss:

Emerging security models based in transparency
Understanding security risks when it comes to cloud
Managing the business’s risk appetite
Building a resilience plan

2:10pm - 2:30pm Networking Break

2:30pm - 3:20pm CISO Featured Session

Digital Risk Explosion — Managing Risk in a Hyper-Outsourcing World

Jonathan Niednagel

SVP of Global Services

RiskRecon

Digital transformation has dramatically transformed the enterprise risk surface, automating a vast array of processes while outsourcing a vast array of systems and services. Through this frenetic reshaping, few organizations truly understand the nature of their new risk reality and how to successfully manage it.

In this interactive discussion we will:

Explore the true nature of the enterprise cyber risk surface
Discuss threats and regulations driving organizations to better manage their extended enterprise
Share insights on how to better manage third-party risk (hint: good data!)

2:30pm - 3:20pm CISO Executive Boardroom

IAM in the Digital Age

Scott Daitzman

CISO

NVR

Amit Khosla

Business Information Security Officer

U.S. Bank

Frank Aiello

CISO

MAXIMUS

From making the business case for deploying an IAM program to developing compelling metrics down the road, getting buy-in on an access program is key. Join this roundtable discussion to benchmark your framework and vet future plans, and learn the most innovative tactics security leaders are using for IAM at their organization, including:

Methodologies that satisfy users while maintaining adequate access controls
Communication techniques to streamline acceptance of IAM across the business
Roadmaps for deciding what technology is the best fit

3:20pm - 3:40pm Networking Break

3:40pm - 3:50pm Closing Comments

3:50pm - 4:20pm Keynote

Secure and Digitize the Enterprise

Suzanne Hall

Global CISO & VP Technology

Couche-Tard

Eddie Alicea

Director of Information Technology

BAE Systems

Nicolas Leshock

CIO

General Dynamics

Technology executives are the tip of the spear when it comes to driving impact throughout today’s digital business. Yet with this leadership comes the burden of responsibility for widespread, secure initiative implementation. Learn how top executives are delivering maximum impact and lasting change while securely moving the enterprise forward.
In this keynote, you’ll hear about: