Boston CISO Executive Summit

May 7, 2019, InterContinental Boston

May 7, 2019
InterContinental Boston

Collaborate with your peers

Get together with your peers to tackle top business challenges through peer-driven content and discussions at the Boston CISO Executive Summit.

Join your peers to discuss the most critical issues impacting CISOs today:

Strategies for a risk-aligned, resilient organization

Developing and investing in the security workforce of tomorrow

Creating business value and supporting agile business operations

Boston CISO Governing Body


The Governing Body Co-Chairs shape the summit agenda, ensuring that all content is driven by CISOs, for CISOs.

Co-Chairs

Kevin Brown headshot

Kevin Brown

Boston Scientific
CISO

Brian Haugli headshot

Brian Haugli


Recognized Industry Expert

Larry Jarvis headshot

Larry Jarvis

Iron Mountain
CISO

Lorna Koppel headshot

Lorna Koppel

Tufts University
Director of Information Security/CISO

Taylor Lehmann headshot

Taylor Lehmann

Tufts Medical Center
CISO, Wellforce

Michael McNeil headshot

Michael McNeil

Philips Healthcare
Global Product Security & Services Officer

Holly Ridgeway headshot

Holly Ridgeway

Citizens Bank
Chief Security Officer

Agenda


May 7, 2019 - morning

7:00am - 7:45am  Registration & Breakfast

7:45am - 8:30am  Keynote

What's Trust Got to Do With It?

David Horsager headshot

David Horsager

CEO and Best-Selling Author, "The Trust Edge"

Trust is both a fundamental business issue and the biggest asset of a company. Without trust, companies lose reputations, relationships, and revenue. With trust, organizations enjoy greater creativity, productivity, and results. Through extensive research and experience, David Horsager learned what it takes to gain — and keep — the “Trust Edge.”

Join this session as Horsager outlines:

  • The keys to building morale, sales, and customer loyalty
  • His Eight-Pillar Framework for building trust in an organization
  • Creating successful leaders and organizations centered on the tenants of trust


9:00am - 9:50am  Breakout Session

Securing Success – Principles of a Sound Cyber Program

Esmond Kane headshot

Esmond Kane

Deputy CISO

Partners HealthCare

Running a strong security program requires a fail-fast mindset and the right people at the helm. The best programs are collaborative, agile and business focused – just like the people who run them.

In this session, you’ll explore:

  • Principles for designing a sound security program
  • A staffing strategy to hire the right people
  • Survival tactics when things go wrong

9:00am - 9:50am  Breakout Session

Develop Metrics That Influence Business Decision Making

Srinath Sampath headshot

Srinath Sampath

Senior Director, Analyst

Gartner

Security and risk management leaders are always trying to improve their metrics to better inform organizational decision making. However, aligning with the business is still a challenge for most. Key risk indicators should provide actionable information to decision makers.

In this session, you'll learn how to:

  • Define what makes a metric actionable
  • Create a relationship between security and business outcomes
  • Present risk & security metrics to business decision makers

9:00am - 9:50am  Executive Boardroom

Managing the Convergence of Global Data Regulations

Steven Keller headshot

Steven Keller

AVP, Chief Information Security Officer

MAPFRE

Joe Sturonas headshot

Joe Sturonas

CTO

PKWARE, Inc.

Information security leaders navigate an increasingly complex matrix of national and foreign data privacy regulations. GDPR caused organizations to scramble to meet data protection directives and reassess risk management through new compliance reporting requirements and potential exposure to financial penalties. Now California has its own Privacy Act set to come into effect, and it’s one of potentially many different pieces of forthcoming regulation and policy. How can organizations create a unified data protection and compliance strategy that meets conflicting requirements?

In this session, discuss:

  • The current landscape of data privacy regulation around the world
  • Best practices for managing risk associated with data protection frameworks
  • Standards and metrics for measuring data protection risk
  • Data classification strategies to aid compliance, regardless of regulation

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to C-level executives). To reserve your seat, please contact your event Program Manager.

9:50am - 10:20am  Networking Break

10:20am - 11:10am  Breakout Session

Handing Over the Reins on Risk — To Your Business

Bill Hill headshot

Bill Hill

CISO

MITRE

Traditionally, CISOs have been responsible for assessing and managing organizational risk. They decide how much risk an enterprise can shoulder. But what if security leaders released that control and business units took ownership instead?

In this session, Bill Hill shares how to:

  • Improve risk management by involving the business in decision making
  • Challenge the traditional security mindset
  • Evolve your security program alongside the business


10:20am - 11:10am  Breakout Session

How to Discover Cloud Shadow IT Infrastructure

Matt Kraning headshot

Matt Kraning

Co-Founder and CTO

Expanse

The move to the cloud has led to great increases in agility and cost savings in information technology, but it's enabled employees to evade centrally-mandated security controls, unlike in on-premise environments. 

 In this session,you’ll explore:

  • Risks of shadow cloud infrastructure
  • Lessons from relevant cases studies
  • Techniques to identify rogue cloud assets and prevent them from being created

10:20am - 11:10am  Executive Boardroom

The People Problem — Security Awareness Training

Bobbi Bookstaver headshot

Bobbi Bookstaver

Manager Information Security

Shawmut Design and Construction

Joe Burgoyne headshot

Joe Burgoyne

Sr. Director, Cyber Security

GE Healthcare Bio-Sciences

Even as security tools become increasingly advanced, the biggest vulnerability in a company continues to be its people. With attacks on the rise, executives must make employee training even more sophisticated. 

In this boardroom, you’ll: 

  • Discuss different educational approaches with your peers
  • Determine how to evaluate the level of training needed
  • Identify key training components and methods of measuring their efficacy

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to C-level executives). To reserve your seat, please contact your event Program Manager.

10:20am - 11:10am  Executive Boardroom

Modernizing Your SOC

Alex Cunningham headshot

Alex Cunningham

CISO

Advisor360

Jon Fredrickson headshot

Jon Fredrickson

ISO

Blue Cross and Blue Shield of Rhode Island

Sudhir Udipi headshot

Sudhir Udipi

Director, Systems Engineering, CISSP, GCNA, GCFA

Securonix

When it comes to taking your data from you, cyber criminals never rest. If they can’t get in one way, they will try another. A sound Security Operations Center - staffed by the right people and with the right tools - should be a key part of your cyber defense strategy.

In this session you will discover how to:

  • Effectively develop your team
  • Automate to reduce workloads and drive efficiency
  • Equip SOC teams to operate within BYOD and Cloud
  • Create strong KPIs and KRIs to measure success

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to C-level executives). To reserve your seat, please contact your event Program Manager.

11:10am - 11:40am  Networking Break

May 7, 2019 - mid-afternoon

11:40am - 12:50pm  Keynote

Building Tomorrow's Defense … Today

Jason Clark headshot

Jason Clark

CSO

Netskope

For the last 20 years, security leaders have reactively implemented security solutions that are little more than a layering of outdated products. The result? An inefficient and unnecessarily complex defense. Like the attackers that threaten their enterprises, security leaders must constantly rethink how they approach security in order to stay on top.

In this keynote, Jason Clark challenges CISOs to:

  • Rethink their approach to enterprise security.
  • Prepare to drive fast-paced change.
  • Build a new security blueprint that can be used for years to come.


1:20pm - 2:10pm  Breakout Session

Pen Test Your Board Pitch — An Interactive Exercise

Tony Faria headshot

Tony Faria

CISO

FM Global

Brian Haugli headshot

Brian Haugli

Recognized Industry Expert

Pitching to the board is a skill that must be mastered. CISOs are tasked to use visuals, communicate business value and synthesize complex information in a way that makes sense. Join this interactive session to identify the holes in your board pitch—and improve them for the next time you’re in the hot seat.

In this interactive session, you will work in a group to:

  • Create and deliver a board pitch.
  • Receive real-time feedback on your pitch.
  • Learn best practices and strategies for communicating with your board.


1:20pm - 2:10pm  Breakout Session

Delivering Trust and Confidence Through Resilience

Mike Lloyd headshot

Mike Lloyd

CTO

RedSeal

Protection, detection, disaster recovery and business continuity strategies are crucial when it comes to managing cyberattacks. But are they truly effective? Clearly they have not been able to stop, nor reduce the astounding losses associated with these incidents.

Ray Rothrock, CEO of RedSeal, shares:

  • How to maintain confidence in the face of ongoing attacks
  • Which approaches are most effective
  • How to evolve your strategies to be more resilient

1:20pm - 2:10pm  Executive Boardroom

The Continual Shifting of Threats

Justin Armstrong headshot

Justin Armstrong

Security Architect

Meditech

Kevin DeLange headshot

Kevin DeLange

VP and CISO

IGT Global

Wade Lance headshot

Wade Lance

Principal Solutions Architect

Illusive Networks

Whether it’s cybercriminals motivated by profit or nation-state attackers with geopolitical motives, public and private organizations of all sizes have felt the impact of cyberattacks. Enterprise organizations are reeling from the onslaught of massively spread ransomware attacks to surgical pinpointed attacks on their assets from sophisticated state-sponsored actors. How can CISOs best face changing threat vectors?

Join this roundtable conversation to discuss: 

  • The current threat landscape
  • How to best discover and thwart nation-state attacks
  • What security executives can do to build resiliency 

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to C-level executives). To reserve your seat, please contact your event Program Manager.

1:20pm - 2:10pm  Executive Boardroom

Halt Breaches at the Endpoint

Bobby Narasimham headshot

Bobby Narasimham

CISO

AstraZeneca

Stephen Pyne headshot

Stephen Pyne

Director, Information Security

Eze Software Group

Grady Johnston headshot

Grady Johnston

VP of Americas

Deep Instinct

Regardless of whether a breach results from employee negligence or an attacker, it only takes one click for bad guys to begin wreaking havoc. However, education, employee engagement and new technology can help avoid these disasters. 

During this session, discuss ways to:

  • Bolster your endpoint security strategy using deep learning
  • Understand the differences between machine learning and deep learning
  • Identify your most vulnerable endpoints

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to C-level executives). To reserve your seat, please contact your event Program Manager.

May 7, 2019 - afternoon

2:10pm - 2:30pm  Networking Break

2:30pm - 3:20pm  Breakout Session

Cybersecurity & Privacy for Digital Innovations at Scale

Ilya Kabanov headshot

Ilya Kabanov

Global Director, Application Security & Compliance

Schneider Electric

Organizations seek to drive responsible innovations and earn the trust of customers and partners in the digitized world. With 160,000 employees across 100+ countries, Schneider Electric takes “digital” seriously and has embedded privacy and security into hundreds of digital offers and internal applications on a global scale.

Join this session to learn:

  • An actionable and scalable framework that delivers secure and compliant applications on a global scale
  • Practical lessons on how security and compliance can empower digital innovations
  • The importance of earning the trust of customers and employees in a digital era
  • Strategies to overcome barriers within your organization and among partners

2:30pm - 3:20pm  Executive Boardroom

Identifying the Way Forward in IAM

Eric Jacobsen headshot

Eric Jacobsen

Executive Director of Information Security

Boston University

Mark Nardone headshot

Mark Nardone

Associate VP and CISO

Northeastern University

Robert Aragao headshot

Robert Aragao

Chief Security Strategist, Security Risk & Governance

Micro Focus

How are your peers balancing business agility and business security in their identity and access management strategy? Join this roundtable discussion to discuss your framework and vet future plans, and learn the most innovative tactics security leaders are using for IAM at their organization, including:

  • Methodologies that satisfy users while maintaining adequate access controls
  • Communication techniques to streamline acceptance of IAM across the business
  • Roadmaps for deciding what technology is the best fit

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to C-level executives). To reserve your seat, please contact your event Program Manager.

2:30pm - 3:20pm  Executive Boardroom

Cyber-Risk Management: New Approaches for Reducing Your Cyber-Exposure

Jay Carter headshot

Jay Carter

Dir., Information Security

MEMIC

Mark Teehan headshot

Mark Teehan

Chief Information Security Officer

Harvard Pilgrim Health Care

Jeff Wallat headshot

Jeff Wallat

Regional Manager

Tenable

When it comes to reducing cyber risk, overcoming vulnerability overload is critical. Find out how predictive prioritization will improve your vulnerability management efforts so you can focus on what matters most to your business. During this peer-discussion you will explore:

  • How to use threat intelligence to move the most dangerous vulnerabilities up your priority list
  • The resources required to effectively assess your environment and prioritize your efforts in a predictive manner
  • Practices that will help you take appropriate actions to make your organization more secure
  • How to make your staff more efficient by drastically reducing the number of high priority vulnerabilities they need to remediate

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to C-level executives). To reserve your seat, please contact your event Program Manager.

3:20pm - 3:40pm  Networking Break

3:40pm - 4:20pm  Keynote

The Predictions Panel – A Look at Future Threats

Bobbi Bookstaver headshot

Bobbi Bookstaver

Manager Information Security

Shawmut Design and Construction

Mark Connelly headshot

Mark Connelly

CISO

Boston Consulting Group Inc.

Larry Zorio III headshot

Larry Zorio III

CISO

Smith & Nephew US

To truly safeguard an organization, CISOs mustn’t merely focus on existing threats, but future ones, too. They have to ask themselves – what types of attacks should I be prepared for?

In this interactive session, prepare to:

  • Listen to a panel of CISOs predict the biggest threats of 2020
  • Share your own threat predictions for 2020
  • Discuss how to predict threats and – more importantly – how to prepare for them
  • Put your predictions in a time capsule, which will be opened and discussed at a 2020 Boston CISO Summit


4:20pm - 5:00pm  Closing Reception & Prize Drawing

Location


Venue & Accommodation

InterContinental Boston

Your Community Partners


National Thought Leader
Keynote Sponsor
National Sponsors

Boston CISO Program Manager


For inquiries related to this event, please reach out to your dedicated program manager.

Rebecca Buchanan

971-717-6645

rebecca.buchanan@evanta.com