Detroit CISO Executive Summit

November 13, 2018, The Cobo Center

November 13, 2018
The Cobo Center

Collaborate with your peers

Get together with your peers to tackle top business challenges through peer-driven content and discussions at the Detroit CISO Executive Summit.

Join your peers to discuss the most critical issues impacting CISOs today:

Strategies for a risk-aligned, resilient organization

Developing and investing in the security workforce of tomorrow

Creating business value and supporting agile business operations

Detroit CISO Governing Body


The Governing Body Co-Chairs shape the summit agenda, ensuring that all content is driven by CISOs, for CISOs.

Co-Chairs

Rich Armour headshot

Rich Armour

General Motors Company
CISO

Martin Bally headshot

Martin Bally

Diebold | Nixdorf
VP & CSO

Derek Benz headshot

Derek Benz

Ford Motor Company
CISO

Brent Cieszynski headshot

Brent Cieszynski

Blue Cross Blue Shield of Michigan
VP & CISO

Earl Duby headshot

Earl Duby

Lear Corporation
CISO

Russ Gordon headshot

Russ Gordon

BorgWarner
CISO

Mauricio Guerra headshot

Mauricio Guerra

DowDuPont
Director of Global Information Security

Tabice Ward headshot

Tabice Ward

DTE Energy
Director & CISO

Erik Wille headshot

Erik Wille

Penske Automotive
Head of Information Security

Agenda


November 13, 2018 - morning

7:00am - 7:45am  Registration & Breakfast

7:45am - 8:30am  Keynote

Lear and Mcity’s Battles Against Vehicle Cyberthreats

Andre Weimerskirch headshot

Andre Weimerskirch

VP Cyber Security, Mcity Cybersecurity Group Chair

Lear Corporation

All automotive stakeholders face challenges to develop secure vehicles and components. The latest threat research from the University of Michigan’s Mcity project can support your own cybersecurity threat assessment program. 

Andre Weimerskirch covers the latest from connected and automated vehicle cybersecurity from his experience at Lear and Mcity:

  • A review of the current cyberthreat landscape as it applies to connected and automated vehicles
  • Guidance from the recently developed Mcity Threat Identification Model and Lear’s risk assessment model
  • Overview of the big cybersecurity challenges and solution approaches

8:30am - 9:00am  Networking Break

9:00am - 9:50am  Breakout Session

Product Incident Response

Martin Bally headshot

Martin Bally

VP & CSO

Diebold | Nixdorf

In an era when almost every electronic device gathers and stores potentially sensitive information, organizations face the daunting task of securing their devices with the same vigor they would use to secure their internal networks. Join Martin Bally to learn how Diebold | Nixdorf is extending its security footprint to manage and monitor a swath of connected products worldwide, including:

  • Visualization techniques to evaluate a global threat landscape
  • Ways to integrate product security into an incident response framework
  • Techniques to gain buy-in across the organization for an expanded program

9:00am - 9:50am  Breakout Session

AI and Machine Learning — Potential Successes and Security Risks

James Cabe headshot

James Cabe

Principal Systems Engineer

Fortinet, Inc.

Security vendors, infosecurity specialists and cybersecurity professionals claim to use artificial intelligence and machine learning to defend customers against the most advanced threats in cybersecurity. But if you ask how these technologies work, answers can be vague or misleading.

In this session, you will learn how:

  • The mechanics of artificial intelligence and machine learning work, exploring how different techniques can be used to detect malware, malicious domains, phishing emails and other threats
  • Technologies can potentially fail
  • Attackers can use technologies to infiltrate poorly designed or implemented systems.


9:00am - 9:50am  Executive Boardroom

CISO as a Human Translator — Translating Security Risk into Business/Board Speak

Shawn Campbell headshot

Shawn Campbell

CISO

Ciena Healthcare Inc

Geeta Kapoor headshot

Geeta Kapoor

Director of Cybersecurity (CISO)

Federal-Mogul Powertrain, Inc.

Stewart Tan headshot

Stewart Tan

Consulting Principal Director

Cisco Systems, Inc.

The role of the CISO has fast evolved beyond its traditional operational functions of monitoring, repelling and responding to cyber threats to that of one who can enable the business. More specifically, enable the business to take secure risks. As a growing number of boards are making the topic of cybersecurity a central part of their discussions, the need for CISOs to provide them with visibility into and to clearly articulate how risk is being managed in well-defined business terms (board speak) has become fundamental. Join this roundtable discussion to share ideas and strategies on how to effectively communicate risk and other key related factors with your board.

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs).

To reserve your seat, please contact: 

Nathan Schulz at 971-717-6675 or Nathan.schulz@evanta.com

9:50am - 10:20am  Networking Break

10:20am - 11:10am  Breakout Session

Engage, Enlist and Optimize Your Security Stakeholders

Christy Wheaton headshot

Christy Wheaton

CISO

Meritor

Security leaders are constantly looking for the next step forward toward a better security posture. Yet what does it take to effectively analyze and act on the most important and complex asset of all — people? Christy Wheaton shares her methodology to develop a concrete action plan for key security stakeholders, covering:

  • Engaging your security “team”— beyond your direct reports
  • How to measure and plot stakeholder engagement
  • Strategies to optimize engagement and improve overall security posture

10:20am - 11:10am  Breakout Session

A Deep Dive into the DNA of Modern IoT Attack Botnets

Ron Winward headshot

Ron Winward

Security Evangelist

Radware

The majority of modern IoT-based attack botnets have uniquely common DNA; they use part of the Mirai code in their framework. While device exploitation techniques remain innovative, the attack vectors themselves are typically reused, making it possible for CISOs to outsmart these botnets.

Join this session to take a meaningful look at IoT attack botnets. You’ll learn about:

  • The different attack vectors in IoT botnets
  • How attack vectors replicate
  • What changes have been implemented in new IoT attack botnets


10:20am - 11:10am  Executive Boardroom

Achieving Next-Level Security Through Automation

Piero DePaoli headshot

Piero DePaoli

Senior Director, Security Business Unit

ServiceNow

Rajiv Das headshot

Rajiv Das

Chief Security Officer & Deputy Director

State of Michigan

Kevin McLaughlin headshot

Kevin McLaughlin

Global Security Officer & Deputy CISO

Stryker Corporation

Security teams face a significant challenge in tackling the routine tasks necessary to monitor threats to their organization. What would it mean to free up these staff resources to focus on more strategic challenges? Join your peers to discuss the role of automation in cybersecurity, including:

  • How does your organization view automation in the context of talent shortages?
  • What are the types of tasks in your security program are you automating, considering automating, or never automating?
  • How do you measure current and future efficiency as you deploy automation?

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs).

To reserve your seat, please contact: 

Nathan Schulz at 971-717-6675 or Nathan.schulz@evanta.com

11:10am - 11:40am  Networking Break

November 13, 2018 - mid-afternoon

11:40am - 1:10pm  Lunch & Comments

Lunch Discussion Tables

Join your peers at designated tables during lunch to discuss a subject that interests you. Seating is first-come, first-serve.

11:40am - 1:10pm  Keynote

Closing the Security Gap — Automation, AI & IoT

Dr. Larry Ponemon headshot

Dr. Larry Ponemon

Chairman and Founder

Ponemon Institute

Following a global survey of almost 4,000 IT professionals across the Americas, Europe and Asia, Dr. Larry Ponemon chairman and founder of the Ponemon Institute and pioneer in information security and privacy research, shines light on some of the most pressing issues for security executives:

  • Why are CISOs struggling to identify, detect, contain, and resolve data breaches and other security incidents?
  • What are security gaps making it easier for attackers to penetrate your perimeter defense systems?
  • Why are security gaps so hard to close?
  • What technologies and processes can help you keep a step ahead of bad actors?

1:10pm - 1:40pm  Networking Break

November 13, 2018 - afternoon

1:40pm - 2:30pm  Breakout Session

Securing Digital Transformation

Tabice Ward headshot

Tabice Ward

Director & CISO

DTE Energy

As the pace of technological disruption intensifies for the enterprise organization, so too are customer expectations that today’s fast-moving digital businesses are secure. Tabice Ward shares lessons on how security can enable digital transformation, covering:

  • The synergy and tensions between business agility and security
  • A framework to ensure information security is guiding business strategy
  • Evolving security’s reputation from the organization of “no” to the organization of “how”

1:40pm - 2:30pm  Breakout Session

GDPR — Reconciling Enforcement Risk and Compliance Cost

Eric Mahler headshot

Eric Mahler

Asst. General Counsel, Labor & Employment

Meritor

Information security leaders have a new risk to add to their register – the likelihood that European Union regulators will enforce on the tenets of the sweeping General Data Protection Regulation that became effective in May. Building from a success story in ongoing compliance at Meritor, Eric Mahler explores the intersection of real-world regulatory risk and the cost of compliance with GDPR and other emerging regulation, covering:

  • The emerging priorities of European privacy regulation enforcement
  • Meritor’s long-term roadmap for managing regulatory risk and compliance
  • An overview of other privacy legislation impacting information security

1:40pm - 2:30pm  Executive Boardroom

There’s an App For That—And a Risk. Secure the Possibilities of a Mobile-Cloud World

Robert Keefer headshot

Robert Keefer

Corporate Security Officer

Tweddle Group

Homyar Naterwala headshot

Homyar Naterwala

Head of Cyber Security

GE Capital

James Plouffe headshot

James Plouffe

Strategic Technologist, CISSP

MobileIron

There’s an app for everything these days—from approving expenses in the grocery store line to looking up key customer information in the field. Employees are more productive than ever in today’s mobile-cloud world, which means data—and the risks of compromising it—is plentiful.

In this session, learn:

  • What risks are created through mobile-cloud technologies
  • Ways organizations are using mobile-cloud apps through the business
  • How to craft a security strategy that protects data no matter where it is

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs).

To reserve your seat, please contact: 

Nathan Schulz at 971-717-6675 or Nathan.schulz@evanta.com

2:30pm - 2:50pm  Networking Break

2:50pm - 3:40pm  Breakout Session

Do You Speak Security?

Karla Thomas headshot

Karla Thomas

Director IT, Global Security & Audit

Tower International

Effective communication can have a measurable impact on the success of a security executive’s program, yet not all parts of the organization react to the same voice. Drawing from a training background, Karla Thomas shares her strategies for building a cohesive security narrative that stretches from front-line employees to the board, including:

  • How to effectively link security priorities to business outcomes
  • Ways to define and execute distinct communication strategies for different audiences
  • Strategies to leverage other leaders as security evangelists

2:50pm - 3:40pm  Executive Boardroom

Refining the Security of OT Environments

Earl Duby headshot

Earl Duby

CISO

Lear Corporation

Daren Fairfield headshot

Daren Fairfield

CISO

Whirlpool Corporation

While the stakes are massive, improving digital security for industrial environments remains a vexing problem for many organizations. Roll up your sleeves with your fellow security leaders and discuss the latest ideas to tackle several key areas in operational technology security such as:

  • Convergence of IT and OT environments
  • Best practices in OT incident response
  • Perspectives on the latest threat landscape for OT

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs).

To reserve your seat, please contact: 

Nathan Schulz at 971-717-6675 or Nathan.schulz@evanta.com

2:50pm - 3:40pm  Executive Boardroom

Identifying the Way Forward in IAM

John Carr headshot

John Carr

Director, Information Security

Quicken Loans

Erik Wille headshot

Erik Wille

Head of Information Security

Penske Automotive

How are your peers balancing business agility and business security in their identity and access management strategy? Join this roundtable discussion to benchmark your framework and vet future plans, and learn the most innovative tactics security leaders are using for IAM at their organization, including:

  • Methodologies that satisfy users while maintaining adequate access controls
  • Communication techniques to streamline acceptance of IAM across the business
  • Roadmaps for deciding what technology is the best fit

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs).

To reserve your seat, please contact: 

Nathan Schulz at 971-717-6675 or Nathan.schulz@evanta.com

3:40pm - 4:00pm  Networking Break

4:10pm - 4:40pm  Keynote

Eye for ROI — A CISO Gameshow

Russ Gordon headshot

Russ Gordon

CISO

BorgWarner

Craig James-Heer headshot

Craig James-Heer

CISO

Gordon Food Service

Daniel Ayala headshot

Daniel Ayala

Director, Global Information Security

ProQuest

Maurice Stebila headshot

Maurice Stebila

CISO

HARMAN by Samsung

Don’t touch that dial! In this interactive session, CISOs from organizations across the spectrum will go head-to-head in a challenge to find the most creative solutions for stretching their resources as far as possible. Join this gameshow-inspired session and vote on who has the best eye for ROI in key areas such as:

  • Retaining, attracting and developing security talent
  • Effective incident response
  • Impactful security awareness training
  • Unique, creative security strategies

4:40pm - 5:20pm  Closing Reception & Prize Drawing

Location


Venue & Accommodation

The Cobo Center

Your Community Partners


National Thought Leader
Presenting Sponsor
National Sponsors

Detroit CISO Program Manager


For inquiries related to this event, please reach out to your dedicated program manager.

Nathan Schulz

971-717-6675

nathan.schulz@evanta.com