Southern California

CISO Executive Summit

May 14, 2012

Omni Los Angeles Hotel at California Plaza


May 14, 2012 / Conference

7:00am - 7:40am

Registration & Breakfast

7:45am - 8:50am Opening Keynote

Zen and the Art of Cybersecurity


Ira Winkler
Author & President
Internet Security Advisors Group
Expand Additional Information

The biggest problem in corporate information security is the people performing the work. There are those outside the security field, and even many inside the field, who think they know what they need to know about security but clearly don’t. Additionally, some people know a great deal about one aspect of security, but are woefully weak in other aspects and don’t know it (or want to know it). Because of this phenomenon, most organizations have a false sense of security. Using entertaining analogies from martial arts and psychology, Ira Winkler will discuss this critical security failing, sharing tips on how to tell if you are dealing with people who are properly skilled, and how to plan your security programs accordingly.

8:50am - 9:20am

Networking Break

9:20am - 10:10am Breakout Sessions

Advanced Security

Featured Speaker  sponsored by: RSA, The Security Division of EMC

Dave Martin
VP, Chief Security Officer
EMC Corporation
Expand Additional Information

The security industry has demonstrated time and time again an enduring resiliency and ability to innovate that has made information technology safe enough to transform the world. But today we face harsh realities. Never have we witnessed so many high-profile, targeted cyber attacks than in the past year. So, what do we do now? Just as our adversaries have taken advantage of the sheer speed and availability of information on the Internet, we need to do the same. In this session, Dave Martin will explain how we can unearth the wealth of intelligence that is buried within those very same infrastructures — and use that intelligence to our advantage. Martin will discuss how we must change our conventional approach to security to an intelligence-driven approach in order to continue to build a trusted digital world.

Advancing Your Organization Through Metrics

Best Practice  sponsored by: LogLogic

Dan Meacham
ARAMARK Uniform & Career Apparel
Expand Additional Information

The ability to communicate clear and concise information to your leadership team is essential in maintaining a successful security program and achieving corporate buy-in. Dan Meacham, CISO at ARAMARK Uniform & Career Apparel is making it his priority to establish easy to read metrics and dashboards that provide transparent communication throughout the organization. His ability to utilize mobile technology ensures that the right information is viewed in an effective and efficient way. In this session, Meacham will explore the importance of understanding the data and how to deliver this information to your executives in an easy to read format that enables them to ask the right questions that will move their organizations forward.

10:10am - 10:40am

Networking Break

10:40am - 11:30am Breakout Sessions

Securing the Unsecurable

Featured Speaker  sponsored by: McAfee, Inc.

Simon Hunt
VP & CTO, McAfee Endpoint Security
McAfee, Inc.
Expand Additional Information

The threat environment has changed rapidly, and what we once thought of as theoretical is now a reality. Things we thought couldn’t be secured, or didn’t need to be secured, are now essential to a secure environment. We’ve seen a rise in advanced persistent threats, which have been effective in targeting organizations worldwide. Critical infrastructures were not a major concern for most — until Stuxnet hit and left organizations scrambling. Now, with the explosion of embedded devices, we’re seeing an explosion of threat vectors. We must secure all of these, while the bad guys only need to find one way in.

Simon Hunt breaks the myth that certain things don’t need to be secured, and that certain things aren’t securable. He will discuss a new approach, which encompasses going into the hardware, ensuring real-time updates and strong, clear metrics for success.

Security Program Maturity – A Strategic Risk Perspective

Best Practice  sponsored by: Verizon

Alexander Kunz
Security Program & Governance Manager
Sempra Energy
Expand Additional Information

At Sempra Energy, Alex Kunz is working to develop an information security strategy that identifies the essential components of a successful risk management program. In this session Kunz will discuss Sempra’s strategic roadmap for security program maturity. He will share his challenges and lessons learned as well as how others can leverage what he has done to implement an effective risk strategy.

Session discovery topics:

  • Understanding and applying key business processes
  • Integrating operational processes with security, risk and compliance
  • Combining the roles and responsibilities of risk management and security
11:30am - 12:00pm

Networking Break

12:00pm - 1:20pm Luncheon Keynote

Defending Your Data: Why Today’s Advanced Attacks Demand Shared Security Awareness

Keynote  sponsored by: Websense

Jason Clark
John McCormack
Expand Additional Information

Today, a single security breach can change a company’s future. CISOs are losing control of platforms and channels; endpoints are becoming user-owned mobile devices; cloud applications now deliver data to uncontrolled locations and networks; and perimeters are open to social networking, social media, and the cybercrime that comes with them. Jason Clark and John McCormack will provide solutions for protecting your organization amidst this changing environment. Ultimately, it begins with controlling your data — who’s accessing it, where it’s been and where it’s going.

Session discovery topics:

  • Malware’s role in other data theft attacks
  • Preparing for APT and how to respond when you’ve been attacked
  • A logical evolution of the modern secure gateway
1:20pm - 1:50pm

Networking Break

1:50pm - 2:40pm Breakout Sessions

Operation Phish Phry

Featured Speaker 

Federal Bureau of Investigation
Expand Additional Information

This presentation is a special request from the Governing Body to hear the FBI share their case study of Operation Phish Phry (OPP). OPP is an international investigation which led to one of the largest cyber fraud take-downs in recent history.

Balancing Productivity and Protection

Executive Boardroom  sponsored by: Palo Alto Networks

Robert Brown
Director, Info. Security & CISO
Justin Kwong
Sr. Director, IT Ops & Sec.
24 Hour Fitness USA, Inc.
Wade Williamson
Senior Security Analyst
Palo Alto Networks
Expand Additional Information

You are invited to join discussion leader, Robert Brown and moderator Wade Williamson in this interactive, executive boardroom. We will discuss how enterprise applications, users and their devices intersect with security and productivity, as well as strategies for embracing new technologies without taking on new risk.

Session discovery topics:

  • Keeping your enterprise productive while defending it from a new breed of sophisticated threats
  • How internal users and external threats can skirt your security using enterprise applications
  • The impact of the growing popularity of SSL to enterprise security and end-user privacy
  • Practical security strategies to enable technologies while combating threats

Due to the format of the Executive Boardroom session, there are a limited number of seats available. Seating priority will be given to CISOs. To reserve your seat, please contact Scott Smejkal at 503-972-4452, or Sponsor participation is limited to Boardroom sponsor attendees only

2:40pm - 3:10pm

Networking Break

3:10pm - 4:00pm Closing Keynote

Closing the Gap on Mobility

Keynote  sponsored by: IBM

Jonathan Chow
NBC Universal, Inc.
George DeCesare
Chief Data Security Administrator
Dignity Health
Robert Pittman
Los Angeles County
Ed Pagett
Lender Processing Services, Inc.
Expand Additional Information

Mobile technologies are infiltrating every aspect of the workforce, and having a mobile strategy is no longer an option, it is a necessity. With this influx of technologies comes new risks and liabilities. In this interactive panel moderated by Ed Pagett, Jonathan Chow, George DeCesare and Robert Pittman will discuss the current state of mobility and the role security plays in this rapidly evolving landscape. They will explore the regulatory requirements surrounding mobile devices and how CISOs can partner with the business to implement a secure and effective mobile strategy.

4:15pm - 5:00pm

Closing Reception & Luxury Prize Drawings