The CISO Executive Summit is a great experience and I really enjoyed the opportunity to network with other IT professionals, share lessons and forward-looking plans.
Tom Soderstrom, IT CTONASA Jet Propulsion Laboratory
The CISO Executive Summit is easily one of the best opportunities for security professionals to meet, network, talk and even learn, as a dedicated regional security event. I can’t recommend it highly enough.
Today’s world presents a unique time for information security. With the speed of change accelerating, the CISO faces signiﬁcant challenges. The constant barrage of news items highlighting hazards such as wikileaks, advanced persistent threats, cybercrime, hacktivism, social computing and consumerization of the enterprise is overwhelming. In addition, threat of legal and regulatory actions is increasing, as the U.S. is discussing a ‘kill switch’ for the internet in an effort to protect national interests. Is security about conﬁdentiality, integrity and availability? Is security more about business enablement and risk management? Does information security really exist anymore? Will it in three years? Should it exist at all? Why is information security such a struggle? Malcolm Harkins and Anne Kuhns will lead an interactive discussion addressing these critical questions while exploring the role, responsibility and future of information security.
IT organizations are faced with a challenging, but exciting time as new information technologies and cutting-edge developments dramatically alter the way we live, work and socialize. Join Tom Soderstrom as he draws upon his experiences advising ‘life-and-death’ IT experiments to glimpse into the future and offer his expert views on the hottest technologies, IT trends of the coming decade and intriguing innovations just beyond the horizon.
Session discovery topics: • Examining emerging trends — beneﬁts and challenges • Understanding the next generation of technology and innovation • Predicting the future of IT organizations — analyzing the role they will play
IT organizations are required to manage large numbers of user account directories while maintaining efficient security and access controls. Confronted with an out-dated access management system that did not properly address confidentiality and availability requirements, Hank Gruenberg faced the task of developing a cost-effective solution that delivered value to the business. Through a reinvented process that alleviated the complexities of the current system, Gruenberg aimed to efficiently meet security, operational and compliance objectives.
Session discovery topics: • Recognizing the root of the problem — why is access management difficult • Creating a governance model — using a two-phase approach while avoiding inherent complexities • Analyzing results — improved controls, business value and lessons learned
What’s in a name? The expectations that organizations have placed on their CISOs are not only challenging to meet, but often are challenging to deﬁne as well. How well are you living up to your role? At different times you may be expected to be a technical savant, a family therapist, a new-age philosopher, a wartime general, and in some cases a ‘yes man’. You may be expected to be all of the above, all in one day. This is the life of a CISO.
How can any one person ever live up to such lofty expectations? Jonathan Chow will discuss what makes the perfect CISO, how to tell if you’re being effective and how to maintain your sanity while being all things to all people.
The fast-paced environment of mobile technologies presents a challenging task for IT security, and CISOs must manage a double-edged sword: critical decision points are driving custom mobile security strategy overlaid with the existing control market. Join Ed Pagett as he discusses the competing forces of IT consumerization in the mobile market and the tangible security concerns it exposes.
Session discovery topics: • Controlling the device or the data • Implementing and managing levels of control • Methods peers in the community are practicing
The advance of human civilization has been governed by breakthroughs in media and communications technology. Today, at the dawn of the second century of electronic media, we are experiencing another massive transformation driven by new ways to communicate and share ideas. This discussion led by Robert Tercek, one of the world’s most proliﬁc creators of interactive entertainment, provides an inspiring look at the social and economic impact of the age of accelerating information.
Conversations discussing the cloud are numerous and diverse, presenting security organizations with challenging and critical decisions. The hype surrounding the myriad of marketed services, and the push to adopt a cloud model, has led many security leaders to question when and how to successfully transition into cloud environments. This panel discussion will explore key factors driving cloud initiatives and identify new risks that are preventing many IT security organizations from placing mission critical data in the cloud.
Session discovery topics: • Considering varying views of the cloud — establishing a deﬁnition and framework for discussion • Revisiting decisions in a shifting cloud landscape • Examining your security infrastructure now vs. in the cloud — understanding key differences and beneﬁts
The golden arches of McDonald’s represent one of the most recognized brands in history. Serving more than 60 million customers daily in 117 countries, consumer conﬁdence is critical to the McDonald’s brand. As such, IT security can have a huge impact on brand conﬁdence and protecting shareholder value, and no one knows this more than Marc Varner, CISO for McDonald’s Corporation. What Varner also understands is that McDonald’s size — an estimated 1.7 million employees — represents a great deal of information security risk.
To combat these risks, Varner has implemented a governance plan which is helping to drive a global strategy and direction. In this session, Varner will share prior experience concerning brand and reputational loss, the speed at which these circumstances can occur, and what he’s doing to ensure that McDonald’s customers, shareholders and employees are never affected by such events.