Chicago CISO Executive Summit

November 28, 2018, Marriott Chicago Magnificent Mile

November 28, 2018
Marriott Chicago Magnificent Mile

Collaborate with your peers

Get together with your peers to tackle top business challenges through peer-driven content and discussions at the Chicago CISO Executive Summit.

Join your peers to discuss the most critical issues impacting CISOs today:

Strategies for a risk-aligned, resilient organization

Developing and investing in the security workforce of tomorrow

Creating business value and supporting agile business operations

Chicago CISO Governing Body


The Governing Body Co-Chairs shape the summit agenda, ensuring that all content is driven by CISOs, for CISOs.

Co-Chairs

Waqas Akkawi

SIRVA Worldwide
VP, CISO

Jim Cameli

Walgreens Boots Alliance
Global CISO

Nicole Ford

Carrier
VP and Chief Information Security Officer

Emily Heath

United Airlines
VP & CISO

JJ Markee

Kraft Heinz Company
CISO

John Reed

True Value Company
IT Security Program Manager

Steve Weber

OptumRx
Sr. Director, Information Security and IT Compliance

Agenda


November 28, 2018 - morning

7:00am - 7:45am  Registration & Breakfast

7:45am - 8:30am  Keynote

Executive Presence for Lasting Leadership

Chris Ulrich headshot

Chris Ulrich

Body Language Expert & Political Consultant

Author & Thought Leader

Any given gesture - a nod, a point of the finger - unconsciously communicates powerful ideas and feelings that have tangible consequences. Top executives are generally proficient in their ability to interact with others, but the stakes are raised during high-level negotiations, reporting to the board, inspiring and empowering senior managers or dealing with tricky internal matters.

Join body language expert Chris Ulrich as he shares:

  • Why every movement and action is magnified in high-level situations
  • Tools and techniques to build rapport quickly
  • How executives can communicate more effectively


8:30am - 9:00am  Networking Break

9:00am - 9:50am  Breakout Session

Communicating Security and Investment Strategy to the Board

Aman Raheja headshot

Aman Raheja

Global CISO

BMO Harris Bank

Striking a balance between digital innovation and providing assurance requires an approach that is far beyond reactionary or looking at the next cool thing. Using scare tactics to secure funding for security initiatives has become something of a cliché. Raheja has developed a vision for security and risk management that brings objectivity to the conversation. Raheja presents his framework - a multi-pronged approach for framing the security strategy from the perspective of business value, industry benchmarking, compliance, and threat management. Raheja’s communication and methodological approach positions security to make the organization more productive, agile and a business driver.

9:00am - 9:50am  Breakout Session

Third-Party Risk Management – Working Together, Keeping Secure

Jasson Casey headshot

Jasson Casey

CTO

SecurityScorecard

Today's CISOs require smarter, more cost-efficient solutions in order to effectively deal with growing security challenges. As each company’s protection profile matures, however, so do their expectations for the vendors hired to protect the integrity and security of shared information. Is your organization prepared to handle the additional threat exposure points that come from expanding business networks?

In this session, discover:

  • Best practices for managing third party partners
  • Strategies to strengthen your vendor relationships
  • Methods for creating a foundation of trust that promotes safe habits

9:00am - 9:50am  Executive Boardroom

The Practical Application of ‘Cognitive Cybersecurity’

Michael Boucher headshot

Michael Boucher

CISO, Americas

JLL

John Kellerhals headshot

John Kellerhals

Information Security Manager

Wheels, Inc.

Adam Lyons headshot

Adam Lyons

Business Unit Executive, Security Intelligence

IBM

The sheer volume of threat intelligence and suspicious activity alerts facing security teams is daunting, yet finding that needle in the haystack can make the difference between stopping an attacker or becoming victim to the next breach. “Cognitive cybersecurity” – machine learning and the automation of human tasks and processes – can transform the security program by free staff to focus on stopping the real threats.

In this interactive discussion, explore with fellow CISOs:

  • Areas of opportunity to free up resources with automation
  • Common threats every organization faces that can be alleviated with ML
  • Methods to get business buy-in for the next wave of technology

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs).

To reserve your seat, please contact: Tim Bigley at 971-717-6612 or tim.bigley@evanta.com.

9:50am - 10:20am  Networking Break

10:20am - 11:10am  Breakout Session

An Engineering Approach to the Talent Challenge

Marie Fang headshot

Marie Fang

Assistant Vice President & HR Business Partner for IT

CNA Insurance

Larry Lidz headshot

Larry Lidz

SVP & Global CISO

CNA Insurance

All security leaders face the challenges of a tight talent marketplace – but few have taken the steps to develop a formal talent strategy to attract and retain security talent. Larry Lidz and Marie Fang share how they’ve created a disciplined approach at CNA Insurance to attracting security candidates.


In this session, learn:

  • Methods to benchmark your organization’s competitiveness
  • How to best partner with HR
  • Strategies to find talent in underutilized markets

10:20am - 11:10am  Breakout Session

Delivering Trust and Confidence Through Resilience

Ray Rothrock headshot

Ray Rothrock

Chairman and Chief Executive Officer

RedSeal

Protection, detection, disaster recovery and business continuity strategies are crucial when it comes to managing cyberattacks. But are they truly effective? Clearly they have not been able to stop, nor reduce the astounding losses associated with these incidents.

Ray Rothrock, CEO of RedSeal, shares:

  • How to maintain confidence in the face of ongoing attacks
  • Which approaches are most effective
  • How to evolve your strategies to be more resilient

10:20am - 11:10am  Executive Boardroom

Risk Management – The Holistic View

Erik Hart headshot

Erik Hart

CISO

Cushman & Wakefield, Inc.

Jody Schwartz headshot

Jody Schwartz

Director - IT Security & Compliance

Marsh

Joe Raschke headshot

Joe Raschke

Field CTO, Identity Solutions

Saviynt

Effective CISOs are challenged to not only successfully develop high-level risk valuation and management strategies, but also communicate business opportunities that encompasses the company’s products, services, and greater competitive landscape. How do you mitigate risk while simultaneously driving productivity and revenue?

During this peer-driven discussion, learn how to:

  • Focus on strategies for creating flexible controls that protect the organization
  • Define risk in connection with identity and access management
  • Provide clear business cases that connect business profitability to risk reduction

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs).

To reserve your seat, please contact: Tim Bigley at 971-717-6612 or tim.bigley@evanta.com.

10:20am - 11:20am  Peer-to-Peer Meetings

Peer-to-Peer Networking

Click here to schedule time with key contacts and decision-makers, connect with the right people, schedule meetings and work toward achieving your business goals faster, all through the swipe of a button. In keeping with our promise to provide the best networking opportunities in your region, we are offering one-on-one meetings at this summit, through our Peer-to-Peer Networking feature. Powered by AI, this feature takes the work out of networking. It unlocks the potential of professionals who are looking to make meaningful connections at this summit, giving you a higher return on your time.

11:10am - 11:40am  Networking Break

November 28, 2018 - mid-afternoon

11:40am - 12:50pm  Keynote

How to Survive a Breach

Ruben Chacon headshot

Ruben Chacon

VP and CISO

Constellation Brands, Inc.

When disaster hits, what are the key priorities for a CISO? Are you able to actually make all of your preparedness a reality? Ruben Chacon outlines his experience as the security lead at Mondelez International when it was impacted by NotPetya malware in June 2017, and offers tips on how to best manage the aftermath.

In this keynote, Ruben Chacon shares:

  • Crisis management before and after the breach
  • Who is in charge?
  • Key priorities while responding and recovering
  • How to ensure communication flows with the business

12:50pm - 1:20pm  Networking Break

1:20pm - 2:10pm  Breakout Session

CISO Therapy – Tackling the People Side of Security Together

JJ Markee headshot

JJ Markee

CISO

Kraft Heinz Company

Kevin Novak headshot

Kevin Novak

CISO & IT Risk Officer

Northern Trust Corporation

Richard Rushing headshot

Richard Rushing

CISO

Motorola Mobility, Inc.

Arlan McMillan headshot

Arlan McMillan

CSO

Kirkland and Ellis

It’s no secret that the role of the CISO is enormous and complex. Underlying all the emerging technology, evolving processes, and threat intelligence lies perhaps the most complicated aspect of security leadership – people. Whether it’s privacy, awareness training, global regulatory bodies, integration after M&A activity, or change management, the human element of security is a constant variable. In this interactive peer-to-peer session, CISOs will share their challenges, stresses, and even triumphs on connecting with and leading the people behind the secure enterprise.

1:20pm - 2:10pm  Breakout Session

A Deep Dive Into the DNA of Modern IoT Attack Botnets

Ron Winward headshot

Ron Winward

Security Evangelist

Radware

The majority of modern IoT-based attack botnets have uniquely common DNA, but they all use part of Mirai code as their framework. While device exploitation techniques remain innovative, the attack vectors themselves are typically reused, making it possible for CISOs to outsmart these botnets.

Join this session to learn about:

  • The different attack vectors in IoT botnets
  • How attack vectors replicate
  • What changes have been implemented in new IoT attack botnets

1:20pm - 2:10pm  Executive Boardroom

Measuring Risk in a Post GDPR World

Shelby Cannon headshot

Shelby Cannon

AVP IT Risk & Compliance

CNA Insurance

Timothy Simmons headshot

Timothy Simmons

Global Regional Information Security Officer & IT Security Programs Leader

Baxter Corporation

Mike Zachman headshot

Mike Zachman

CSO

Zebra Technologies Corporation

Dave Deasy headshot

Dave Deasy

SVP

TrustArc

The GDPR significantly changed how companies assess and manage risk through a combination of new / complex compliance reporting requirements and exposure to significant financial penalties.  The GDPR, and forthcoming California Consumer Privacy Act (CCPA) are increasing the level of interaction CISOs need to have with legal / privacy counterparts to ensure data protection risks are properly identified, effective management tools are implemented, and objective measures are in place to track progress.

Join fellow security leaders to discuss: 

  • Standards and metrics for measuring data protection risk
  • Best practices for managing risk associated with GDPR, California Consumer Privacy Act, and other global data protection frameworks
  • Tools to manage data protection risk and meet compliance reporting requirements

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs).

To reserve your seat, please contact: Tim Bigley at 971-717-6612 or tim.bigley@evanta.com.

1:20pm - 2:10pm  Networking Break

Peer-to-Peer Networking

In keeping with our promise to provide the best networking opportunities in your region, we are offering one-on-one meetings at this summit, through our Peer-to-Peer Networking feature. Powered by AI, this feature takes the work out of networking. It unlocks the potential of professionals who are looking to make meaningful connections at this summit, giving you a higher return on your time. Click here to schedule time with key contacts and decision-makers, connect with the right people, schedule meetings and work toward achieving your business goals faster, all through the swipe of a button.

November 28, 2018 - afternoon

2:10pm - 2:30pm  Networking Break

2:30pm - 3:20pm  Breakout Session

Security Toolbox – The Future Is Now

Steve Hundley headshot

Steve Hundley

Director of Governance, Risk, and Security

TTX Company

How can CISOs better understand emerging technologies and proactively apply them to improve their security program? Steve Hundley leads this interactive workshop to explore concepts such as AI, ML and blockchain and use cases for security practitioners.

In this session, discuss:

  • Practical applications for emerging technologies
  • How other CISOs are implementing new tech
  • The future technology landscape for CISOs

2:30pm - 3:20pm  Executive Boardroom

CISO as a Human Translator — Translating Security Risk into Business/Board Speak

Shane Hibbard headshot

Shane Hibbard

Director of Information Security

Invenergy

Steve Weber headshot

Steve Weber

Sr. Director, Information Security and IT Compliance

OptumRx

Dov Yoran headshot

Dov Yoran

Sr. Director, Security Business Group

Cisco Systems, Inc.

The role of the CISO has fast evolved beyond its traditional operational functions of monitoring, repelling and responding to cyber threats to that of one who can enable the business.  More specifically, enable the business to take secure risks.  As a growing number of boards are making the topic of cybersecurity a central part of their discussions, the need for CISOs to provide them with visibility into and to clearly articulate how risk is being managed in well-defined business terms (board speak) has become fundamental.  Join this roundtable discussion to share ideas and strategies on how to effectively communicate risk and other key related factors with your board.

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs).

To reserve your seat, please contact: Tim Bigley at 971-717-6612 or tim.bigley@evanta.com.

2:30pm - 3:20pm  Executive Boardroom

The People Problem — Security Awareness Training

Amy Bogac headshot

Amy Bogac

Director, Information Security and Risk Management

CF Industries

John Reed headshot

John Reed

IT Security Program Manager

True Value Company

Even as security tools become increasingly advanced, the biggest vulnerability in a company continues to be its people. With attacks on the rise, executives must make employee training even more sophisticated.

In this boardroom, you’ll:

  • Discuss different educational approaches with your peers
  • Determine how to evaluate the level of training needed
  • Identify key training components and methods of measuring their efficacy

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs).

To reserve your seat, please contact: Tim Bigley at 971-717-6612 or tim.bigley@evanta.com.

3:20pm - 3:40pm  Networking Break

3:20pm - 3:40pm  Networking Break

Peer-To-Peer Networking

In keeping with our promise to provide the best networking opportunities in your region, we are offering one-on-one meetings at this summit, through our Peer-to-Peer Networking feature. Powered by AI, this feature takes the work out of networking. It unlocks the potential of professionals who are looking to make meaningful connections at this summit, giving you a higher return on your time. Click here to schedule time with key contacts and decision-makers, connect with the right people, schedule meetings and work toward achieving your business goals faster, all through the swipe of a button.

3:40pm - 4:20pm  Keynote

Culture - The Difference Between Success and Failure

Corey E. Thomas headshot

Corey E. Thomas

President and CEO

Rapid7

Why do some companies filled with smart people fail and others succeed? Culture can make all the difference. It can accentuate the collective and drive innovation or it can be a distraction. In order to achieve long-term success, there must be a level of cohesiveness and alignment between a company’s culture, its employees, and goals. Corey Thomas, President and CEO of Rapid7, shares his quest for that alignment and how he promotes a culture of disciplined risk-taking, continuous learning, and diversity of mindset.

4:20pm - 5:00pm  Closing Reception & Prize Drawing

Location


Venue & Accommodation

Marriott Chicago Magnificent Mile

Your Community Partners


Keynote Sponsor
Presenting Sponsors
National Sponsors

Chicago CISO Program Manager


For inquiries related to this event, please reach out to your dedicated program contact.

Tim Bigley

Program Manager

971-717-6612

tim.bigley@evanta.com