Dallas CISO Executive Summit

June 24, 2019, Renaissance Dallas

June 24, 2019
Renaissance Dallas

Collaborate with your peers

Get together with your peers to tackle top business challenges through peer-driven content and discussions at the Dallas CISO Executive Summit.

Join your peers to discuss the most critical issues impacting CISOs today:

Strategies for a risk-aligned, resilient organization

Developing and investing in the security workforce of tomorrow

Creating business value and supporting agile business operations

Dallas CISO Governing Body


The Governing Body Co-Chairs shape the summit agenda, ensuring that all content is driven by CISOs, for CISOs.

Co-Chairs

Sara Andrews

PepsiCo
SVP, Global CISO

Jason Frugé

Fossil
Chief Information Security Officer

Parrish Gunnels

Fiserv
Director, Information Security Officer

Jairo Orea

Kimberly-Clark
CISO

Shamoun Siddiqui

Neiman Marcus Group
CISO

Duaine Styles

Globe Life
CSO

Agenda


June 24, 2019 - morning

7:30am - 8:15am  Registration & Breakfast

8:15am - 9:00am  Keynote

Develop an Eye for ROI

Jason Frugé headshot

Jason Frugé

Chief Information Security Officer

Fossil

Mustapha Kebbeh headshot

Mustapha Kebbeh

Global CISO

The Brink's Company

In this interactive session, CISOs from organizations across the size spectrum will split into small groups to share their most creative solutions for stretching their resources as far as possible. Join this session to collaborate on your peers and share your high-impact initiatives for:

  • Retaining, attracting and developing security talent
  • Effective incident response
  • Impactful security awareness training
  • Unique, creative security strategies

9:10am - 10:00am  Breakout Session

Leading in the C-Suite — Bolster Your Executive Presence

Andrew Albrecht headshot

Andrew Albrecht

CISO

Michaels

Chuck Lankford headshot

Chuck Lankford

CISO

The Container Store

Mike Tiddy headshot

Mike Tiddy

CISO

BNSF Railway Company

Caught in the crosshairs of leadership and information security, CISOs often are expected to act not only as security professionals, but business leaders. How can CISOs effectively become bold c-suite leaders while also juggling their security demands?

Join this interactive session to explore:

  • How to tailor communication styles to senior leaders
  • Ways CISOs can gain the trust of their c-suite
  • How to prepare for stepping into the CISO role
  • The leadership capabilities necessary for being an effective CISO

9:10am - 10:00am  Breakout Session

Think Differently About Data — Succeed at Threat Hunting & IR

Tom Roeh headshot

Tom Roeh

Director of Sales Engineering

ExtraHop

Two pillars of a successful and proactive SOC are threat hunting and incident response. The use of network traffic analysis can help improve performance in these two areas, if you can trust the data. 

In this session, you will learn:

  • Current attack practices, including abuse of legitimate traffic and encryption
  • How hunters hide from attackers to avoid counter IR maneuvers
  • Ways to make analysts faster and more effective at validating and responding to threats
  • Options for empowering cross-training and on-the-job training to increase analysts' skills
  • Clarity on how gaining visibility into cloud and encrypted traffic


9:10am - 10:00am  Executive Boardroom

Cyber-Risk Management — New Approaches for Reducing Your Cyber-Exposure

Mustapha Kebbeh headshot

Mustapha Kebbeh

Global CISO

The Brink's Company

Robert Pace headshot

Robert Pace

Vice President, Information Security & Compliance

First American Payment Systems

Kevin Flynn headshot

Kevin Flynn

Senior Product Manager

Tenable

When it comes to reducing cyber risk, overcoming vulnerability overload is critical. Find out how predictive prioritization will improve your vulnerability management efforts so you can focus on what matters most to your business. During this peer-discussion you will explore:

  • How to use threat intelligence to move the most dangerous vulnerabilities up your priority list
  • The resources required to effectively assess your environment and prioritize your efforts in a predictive manner
  • Practices that will help you take appropriate actions to make your organization more secure
  • How to make your staff more efficient by drastically reducing the number of high priority vulnerabilities they need to remediate

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to C-level executives). To reserve your seat, please contact Lawrence Figueroa at 971-222-2374 or lawrence.figueroa@evanta.com. 

9:10am - 10:00am  Executive Boardroom

The Continual Shifting of Threats

David Bell headshot

David Bell

CISO & Managing Director - Information Security & Technology Risk Management

American Airlines

Gary Todd headshot

Gary Todd

Assoc. Director, Cyber Security

PNM Resources, Inc.

Chad Gasaway headshot

Chad Gasaway

Director, Solutions Architecture

Illusive Networks

Whether it’s cybercriminals motivated by profit or nation-state attackers with geopolitical motives, public and private organizations of all sizes have felt the impact of cyberattacks. Enterprise organizations are reeling from the onslaught of massively spread ransomware attacks to surgical pinpointed attacks on their assets from sophisticated state-sponsored actors. How can CISOs best face changing threat vectors?

 Join this roundtable conversation to discuss:

  • The current threat landscape
  • How to best discover and thwart nation-state attacks
  • What security executives can do to build resiliency 


Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to C-level executives). To reserve your seat, please contact Lawrence Figueroa at 971-222-2374 or lawrence.figueroa@evanta.com. 

10:00am - 10:30am  Networking Break

10:30am - 11:20am  Breakout Session

You’ve Been Compromised – Now What?

Sailaja Kotra-Turner headshot

Sailaja Kotra-Turner

Senior Director, IT Security and Risk Management

Brinker International

Duaine Styles headshot

Duaine Styles

CSO

Globe Life

When an incident happens, things unfold in a frenzy. The board wants to know what happened. There may be financial and legal implications and disclosures required. Your security team wants to know what to do. How do you keep your organization together when the inevitable happens?

In this session, two security leaders discuss:

  • Best practices for creating a well-rounded response plan that accounts for legal and regulatory requirements
  • How to collaborate with your entire leadership team, including marketing, public relations, HR and legal teams
  • Ways to support your CISO peers when they weather a breach

10:30am - 11:20am  Breakout Session

Phishing Defense — The Art of Human Intuitive Repulsion

Andy Spencer headshot

Andy Spencer

VP Sales Engineering

Cofense

 As intuitive human beings we often somehow sense when things aren’t quite right. When a newborn is “too quiet,” a sixth-sense can be more reliable than a baby monitor. What applies to life also applies to cybersecurity. Machine learning and artificial intelligence can weed out some of the threats, but they won't catch everything. Find out why trusting your gut – knowing when to say something when you see something – is a key part of any organization's phishing defense. In this session:

  • Discover security trends, threat-actor tactics and defense strategies across the globe
  • Learn the types of actual phishing attacks
  • See how attackers evolve their tactics to avoid perimeter controls


10:30am - 11:20am  Executive Boardroom

Modernizing Your SOC

George Finney headshot

George Finney

Chief Security Officer

SMU Cox School of Business

Gary Toretti headshot

Gary Toretti

SVP, Chief Information Security Officer

CBRE

Tanuj Gulati headshot

Tanuj Gulati

CTO

Securonix

When it comes to taking your data from you, cyber criminals never rest. If they can’t get in one way, they will try another. A sound Security Operations Center - staffed by the right people and with the right tools - should be a key part of your cyber defense strategy.

In this session you will discover how to:

  • Effectively develop your team
  • Automate to reduce workloads and drive efficiency
  • Equip SOC teams to operate within BYOD and Cloud
  • Create strong KPIs and KRIs to measure success

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to C-level executives). To reserve your seat, please contact Lawrence Figueroa at 971-222-2374 or lawrence.figueroa@evanta.com. 

10:30am - 11:20am  Executive Boardroom

Dissecting Recent Breaches and Ensuring Cyber Resiliency

Jason Frugé headshot

Jason Frugé

Chief Information Security Officer

Fossil

Jessica Nemmers headshot

Jessica Nemmers

Manager of Information Security

Commercial Metals

Alex Horan headshot

Alex Horan

Director of Product Management

Onapsis

In April 2019, the Department of Homeland Security issued an alert citing "New Exploits for Unsecure SAP Systems" after new exploits, termed "10KBlaze" were publicly released. While protecting endpoint access, phishing, and network monitoring is important, nothing else matters if your core business applications are not a primary strategic component. In this session, we will explore:

  • Why and how ERP applications are actively under attack
  • How cloud, mobile and digital transformations are expanding the attack surface
  • Steps you can take to ensure cyber resiliency and mitigate risk

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to C-level executives). To reserve your seat, please contact your event Program Manager.

June 24, 2019 - mid-afternoon

11:20am - 11:45am  Networking Break

11:45am - 1:00pm  Keynote

Forward Focus – Is Your Role Changing?

Taren Rodabaugh headshot

Taren Rodabaugh

VP & CIO, Global Information Services

Harley-Davidson, Inc.

The notion that the role of the CIO is in constant evolution is nothing new, and this same idea applies to CISOs. But how much has really changed? And how can leaders prepare?

 In this session, you’ll learn:

  • Whether new technology is really changing how technology leaders work
  • Ways to evolve your role to meet business needs
  • Create a compelling vision for your team

1:10pm - 2:00pm  Breakout Session

Cyber Defense in the Age of Retail Digital Fraud

Shamoun Siddiqui headshot

Shamoun Siddiqui

CISO

Neiman Marcus Group

Retail digital fraud is on the rise. As more and more companies adopt the EMV standard for credit cards, the fraud is shifting to online channels. From automated botnet based attacks to account takeovers, the fraudsters are becoming increasingly sophisticated in their attacks.

In this digital age of fraud, it’s worthwhile for organizations to harness AI/ML techniques and other cutting-edge counter defense measures to thwart the cyber criminals.

This session will focus on:

  • Fraud statistics and how blocking one channel of fraud has spurred the advances in other channels
  • Understanding the commonly used fraud tactics and techniques
  • Reviewing some of the common cyber defense techniques to combat this growing threat

1:10pm - 2:00pm  Breakout Session

Cloud Care — Tracking Assets at Your Network Edge

Marshall Kuypers headshot

Marshall Kuypers

Director of Cyber Risk

Expanse

The proliferation of cloud technologies has created new classes of risk for organizations. It’s easier than ever for employees to circumvent security processes, and the distributed nature of cloud makes it difficult for IT teams to detect exposures.

In this session, you'll learn:

  • Common cloud risks, their causes and the dangers they pose to your organization
  • Strategies to identify rogue IT devices
  • Ways to stop risks from proliferating in the first place


1:10pm - 2:00pm  Executive Boardroom

Connecting Security, Risk and IT to Enable a Best-in-Class Program

Ajay Gupta headshot

Ajay Gupta

Chief of Cybersecurity

Humana Inc.

Jeff Kirby headshot

Jeff Kirby

CISO

Interstate Batteries

Michael Siegrist headshot

Michael Siegrist

Product Line Specialist, GRC and Integrated Risk Management

ServiceNow

The breaches of the past few years continue to show us that organizations are overwhelmed and struggling with patching software vulnerabilities.  But what if you were able to properly pinpoint the vulnerabilities that represent the most risk and align these risks with overall enterprise risk? 

Join this conversation to discuss:

  • How security, risk, and IT staff can best work together to locate vulnerabilities and remediate cyber risk
  • Best practices for strengthening governance, risk, and compliance programs
  • Effective methods for communicating cyber risk to the BOD

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to C-level executives). To reserve your seat, please contact Lawrence Figueroa at 971-222-2374 or lawrence.figueroa@evanta.com. 

1:10pm - 2:00pm  Executive Boardroom

Managing the Convergence of Global Data Regulations

KC Condit headshot

KC Condit

CISO

G6 Hospitality

Alex Nehlebaeff headshot

Alex Nehlebaeff

Corporate Information Security Manager

Harley-Davidson Financial Services Inc.

Matt Little headshot

Matt Little

Chief Product Officer

PKWARE, Inc.

Information security leaders navigate an increasingly complex matrix of national and foreign data privacy regulations. GDPR caused organizations to scramble to meet data protection directives and reassess risk management through new compliance reporting requirements and potential exposure to financial penalties. Now California has its own Privacy Act set to come into effect, and it’s one of potentially many different pieces of forthcoming regulation and policy. How can organizations create a unified data protection and compliance strategy that meets conflicting requirements?

In this session, discuss:

  • The current landscape of data privacy regulation around the world
  • Best practices for managing risk associated with data protection frameworks
  • Standards and metrics for measuring data protection risk
  • Data classification strategies to aid compliance, regardless of regulation

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to C-level executives). To reserve your seat, please contact Lawrence Figueroa at 971-222-2374 or lawrence.figueroa@evanta.com. 

June 24, 2019 - afternoon

2:00pm - 2:30pm  Networking Break

2:30pm - 3:20pm  Breakout Session

Gaining Organizational Acceptance of Access Management

Lauren Heyndrickx headshot

Lauren Heyndrickx

Senior Director, CISO

JCPenney

Introducing a new access management controls to an organization is rife with technological challenges. But the real obstacle may be in the communication and cultural adoption. 

In this session, you’ll explore:

  • Tactics for getting your organization to embrace access management
  • Best practices for fast, easy implementation 
  • Ways to communicate your plan to the organization, including the leadership team

2:30pm - 3:20pm  Executive Boardroom

Develop Metrics That Influence Business Decision Making

Royce Holden headshot

Royce Holden

AVP - Technology Security and Compliance (CISO)

DFW International Airport

Syam Maddimsetty headshot

Syam Maddimsetty

Director, Information Security and Compliance

Overhead Door Corporation

Security leaders are always trying to improve their metrics to better inform organizational decision making. However, aligning with the business is still a challenge for most.

In this session, you'll discuss:

  • What makes a metric actionable
  • How to create a relationship between security and business outcomes
  • Ways to communicate risk & security metrics to business decision makers

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to C-level executives). To reserve your seat, please contact Lawrence Figueroa at 971-222-2374 or lawrence.figueroa@evanta.com. 

2:30pm - 3:20pm  Executive Boardroom

The Zero Trust Approach

Bill Edevane headshot

Bill Edevane

Director, Information Security

Texas Rangers

Sonya Wickel headshot

Sonya Wickel

Sr Manager Enterprise Security & Compliance

Triumph Group, Inc.

Sean Barrett headshot

Sean Barrett

Regional Sales Director

MobileIron

Mobile devices and cloud services have dissolved the enterprise IT perimeter. Business data flows freely across a wide information fabric spanning a variety of devices, apps, networks, and cloud services. As traditional network perimeters become obsolete, organizations must address these modern security challenges with a zero trust approach.

 In this session, you'll discuss:

  • The need for a new zero trust approach to information security
  • The industry’s first zero trust, mobile-centric framework
  • Advantages of deploying zero trust, mobile-centric security
  • Tips to get started today on your path to zero trust, mobile-centric security

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to C-level executives). To reserve your seat, please contact Lawrence Figueroa at 971-222-2374 or lawrence.figueroa@evanta.com. 

3:20pm - 3:40pm  Networking Break

3:40pm - 4:20pm  Keynote

Coffee Table Talk – How To Partner with Your CHRO and CIO

Gregory Ericson headshot

Gregory Ericson

SVP, CIO

Essilor of America

Sonja Hammond headshot

Sonja Hammond

CISO and Privacy Officer

Essilor of America

Deborah Shute Leemaster headshot

Deborah Shute Leemaster

Interim Sr. Vice President, Human Resources & General Services

Essilor of America

An organization’s security strategy is only as good as the team supporting it.That’s why collaboration in the c-suite is so vital to creating a robust security program.

Join this coffee table talk to learn: 

  • Your CIO’s security expectations
  • How to support human resources as a CISO
  • Effective executive communication 

4:20pm - 5:00pm  Closing Reception & Prize Drawing

Location


Venue & Accommodation

Renaissance Dallas

Your Community Partners


National Thought Leader
Global Thought Leader

Dallas CISO Program Manager


For inquiries related to this event, please reach out to your dedicated program contact.

Lawrence Figueroa

Senior Program Manager

971-222-2374

lawrence.figueroa@evanta.com