IN-PERSON

Minneapolis CISO Executive Summit

May 21, 2018 | Hyatt Regency Minneapolis

May 21, 2018
Hyatt Regency Minneapolis

Governing Body Agenda Location Partners Contact

Governing Body Co-Chairs

Douglas DeGrote

Allianz Life Insurance Company of North America
CISO

Paul Hershberger

The Mosaic Company
Director IT, Security Risk & Compliance

Patrick Joyce

Medtronic plc
VP, Global IT & CISO

Michael Kearn

U.S. Bank
VP, Information Security Officer

Tris Lingen

TCF Financial Corporation
EVP, CISO

Jim O'Conner

Cargill, Inc.
CISO

Kathy Orner

Carlson Wagonlit Travel, Inc.
Chief Risk Officer

Agenda

May 21, 2018

morning mid-afternoon afternoon

7:00am - 7:45am Registration & Breakfast

7:45am - 8:30am Keynote

Sparking Ingenuity — How to Inspire Greatness in Teams

Rich Agostino

CISO

Target Corporation

William Scandrett

VP, Chief Information Security Officer

Allina Health System

John Valente

CISO

3M Company

In a landscape where everyone is turning to the same products and tools to keep safe, the likelihood of becoming mired in the predictable is high. To combat this dangerous stagnation, leaders must look inward at the valuable resources that can spring from their teams. Join Rich Agostino, Bill Scandrett and John Valente as they discuss turning security teams into sources of disruptive innovation and creativity. Examining this idea through the lenses of the individual, the environment and expectations, the group will explore unique ways to stretch the scope of what a team can produce.

8:30am - 9:00am Networking Break

9:00am - 9:50am Breakout Session

Beyond the Board – Speaking the Language of Security Throughout the Business

Michael Musto

SVP, CSO

Merrill Corporation

Bring up cybersecurity to CIOs, and you’ll see a narrow range of reactions — fear, frustration, furtive glances for the compliance officer. But the idea of security as “necessary evil” doesn’t square with Mike Musto. As a former head of IT, Musto understands that security can be a tool for empowerment and competitive advantage far beyond IT. By driving alignment through a lens of risk management and strong governance, security can strengthen strategy, bolster the bottom line, and facilitate better collaboration throughout the organization. In this important session, Musto adds the language of security to the lexicon of business, helping you to craft impactful communication, deliver necessary tools and educate leaders from the boardroom to every level of the organization.

9:00am - 9:50am Breakout Session

Think Your Network is Safe? Check All your Endpoints…

Jason O'Keeffe

Senior Security Advisor

HP Inc. Print Security Solutions

While you invest time, resources and millions of dollars in protecting endpoints and network perimeter, are you addressing one of the largest footprints of your network? You may be allowing hackers and malware to take the easy route to your organization’s network and data. Jason O’Keeffe will share real-world breach examples of how some of the most secure organizations are still lagging in overall security for critical endpoints like printers. O’Keeffe will share best practices on how to secure these valuable endpoints in the most effective way.

9:00am - 9:50am Executive Boardroom

Relentless Preparation — Best Practices from the Frontline

Aaron Kiemele

Director of Information Security and Compliance

KLDiscovery

Scott More

Vice President / Chief Information Security Officer

Ameriprise Financial, Inc.

Sonja Wieber

Senior Operational Risk Consultant

Wells Fargo Bank

Wade Alt

Vice President

Booz Allen Hamilton

Never has the statement been more true: it’s not a matter of if, it’s a matter of when. Combining the unprecedented rise in the frequency, sophistication and impact of a cyber attack, the likelihood of companies being attacked has never been higher. By testing incident-response and crisis-management capabilities in a safe environment, you can help your teams identify and proactively fix gaps. Join in a conversation with Booz Allen Hamilton’s Brad Maiorino, to discuss trends in the threat landscape and share lessons learned in how to prepare an organization for crisis response.

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs).

To reserve your seat, please contact:

Christopher Brown at 971-222-2378 or christopher.brown@evanta.com

9:00am - 9:50am Executive Boardroom

Evolving to Prevention Through Machine Learning

Aaron Call

CISO

State of Minnesota

Janet Schoephoerster

Executive Director, Global Engineering and Security

The Interpublic Group of Companies, Inc.

Corey White

SVP, WW Consulting & ThreatZERO Services

Cylance

Machine learning continuously transforms in both size and scope, making it more valuable to organizations each day. For many companies, keeping up with these advancements is the difference between preventing a data breach and falling victim to a multi-faceted malware attack. For some, machine learning technologies is an idea for the future. For others, it's an agile security defense that can help them quickly adapt to the changing environment. In this boardroom discussion, CISOs across the spectrum share how machine learning can set the stage for the advancements of tomorrow.

To reserve your seat, please contact:

Christopher Brown at 971-222-2378 or christopher.brown@evanta.com

9:50am - 10:20am Networking Break

10:20am - 11:10am Breakout Session

Customizing Security Efficacy — Doing More with Less

Mike Jackson

Director of Information and Systems Security

Casey's General Stores, Inc.

When it comes to quantifying risk with a small team, it’s a cross-discipline conversation. Pulling from a variety of methods, including pen-testing, engineering, monitoring, traditional risk management and threat modeling, Mike Jackson says an organization can be continuously assessed through an organization-specific framework — no vast team of people needed. Join him as he explores a more-with-less approach that translates risk management into specific and tangible deductions for business leaders.

10:20am - 11:10am Breakout Session

Charting AI’s Rise as Cybersecurity’s Force Multiplier

Keith Rayle

Strategist

Fortinet, Inc.

It has never been easier for bad actors to build and deliver malicious software. Today’s world of coders-for-hire and software-as-a-service has made malware an exponentially growing issue, and CISOs are racing to keep up. Against these challenges, Artificial Intelligence has emerged as a tool that could turn the tide for resource-constrained security programs. This session will trace the history of AI and machine learning, and explore how artificial neural networks can operate as part of security operations.

10:20am - 11:10am Executive Boardroom

Securing the ‘There’s an App for That’ World

Darel Gustafson

Director, Information Security

HealthPartners, Inc.

Danielle Taylor

Director, IT Security

The Schwan Food Company

Alex Mosher

Global Vice President, Cloud Solutions

MobileIron

There’s an app for everything these days. And a cloud service behind the scenes. From approving expenses in the grocery store line to looking up key customer information in the field, employees are more productive than ever in today’s mobile-cloud world. Yet it also means there’s data everywhere – on devices, in transit and in the cloud. CISOs face the challenge of crafting a security strategy that protects this data no matter where the data is. This discussion will explore how organizations are using mobile-cloud apps throughout the business, risks created through mobile-cloud technologies and best practices for keeping related data secure.

To reserve your seat, please contact:

Christopher Brown at 971-222-2378 or christopher.brown@evanta.com

10:20am - 11:10am Executive Boardroom

Measuring and Managing Cyber Risk

Jack Clemons

Information Security Officer

AmeriPride Services Inc.

Betty Elliott

Partner & CISO

Mercer

John Whetstone

Senior Research Architect

NSS Labs

Historically, enterprises have relied largely on the intuition and talent of their technical teams to manage cybersecurity risk. But with annual, global, cybercrime-related costs reaching $500 billion, board members’ expectations of enterprise security teams are changing. Technical teams must now learn to speak the language of business. What KPIs are your team using to measure the effectiveness of your cybersecurity strategy, and how are you obtaining the data? Join this conversation with your peers to discuss how enterprises can begin to eliminate the obscurity associated with cybersecurity.

To reserve your seat, please contact:

Christopher Brown at 971-222-2378 or christopher.brown@evanta.com

11:10am - 11:40am Networking Break

11:40am - 12:50pm Keynote

CEO/CISO Rapport—the Key to Performance

Craig Dahl

CEO

TCF Bank

Tris Lingen

EVP, CISO

TCF Financial Corporation

Cybersecurity is one of the most complex challenges facing enterprise organizations today. Superior communication and collaboration are critical strategies in facing this challenge, as the implementation of key initiatives requires the support and guidance of fellow leaders. Join Tris Lingen and Craig Dahl as they discuss their CEO/CISO relationship and the complementary security governance system that underpins its strength. Learn more about their mutually supportive relationship and how it leads to greater security performance and results.

12:50pm - 1:20pm Networking Break

1:20pm - 2:10pm Breakout Session

Getting a Handle on the Hype — Managing the Security Theater

Paul Hershberger

Director IT, Security Risk & Compliance

The Mosaic Company

The threats keep coming — striking corporations and cycling through the media. Just staying abreast of the threat flavor-of-the-week has become a major challenge for today’s CISO. It’s time to take a step back and reframe how to respond to the hype, both inside and outside your organization. Paul Hershberger leads this interactive session on how to control the publicity, manage the message to your teams and get back to basics when the sky feels like it’s falling. Join this discussion on how to flip the script and shift into a proactive leadership position.

1:20pm - 2:10pm Breakout Session

Evolving Cybersecurity Solutions to Thwart Modern Criminals

Brian Kenyon

SVP and Chief Strategy Officer

Symantec Corporation

In the cloud era, attacks come from four primary vectors: users and their devices, compromised data, web and email. But attacks and risks have grown dramatically more sophisticated and destructive in recent years. As a result, solutions have had to advance and evolve as well. Join this unique session with Brian Kenyon for an inspiring look at his journey and his company’s approach to both risk and security. Listen in to hear his insights on what our industry can and must become to get ahead of the attacks of tomorrow.

1:20pm - 2:10pm Executive Boardroom

Unlocking the Power of Risk-Adaptive Protection

Jeff Johnson

Manager, IT Security

Digi-Key Electronics

Patrick Joyce

VP, Global IT & CISO

Medtronic plc

Bharath Vasudevan

Senior Director, User and Data Protection Solutions

Forcepoint

Macro IT trends around cloud adoption and BYOD are expanding the threat landscape faced by security organizations who can’t keep hiring to cope with the increasing levels of exposure. Security organizations must evolve from a threat-centric reactive environment in order to offer more effective cyber security. Join in the discussion around the next generation of data protection, including a solution that could adapt protection dynamically and apply monitoring and enforcement controls, offering protection based on the risk level of users and the value of data accessed. Share and learn how to enable security organizations to better understand risky behavior and automate the enforcement of policies to reduce alerts and investigations.

To reserve your seat, please contact:

Christopher Brown at 971-222-2378 or christopher.brown@evanta.com

2:10pm - 2:30pm Networking Break

2:30pm - 3:20pm Breakout Session

War Games 2.0 — An Interactive Tabletop Session

Michael Levin

Sr. Director Cyber Defense, IRM

UnitedHealth Group Inc.

Adam Mishler

VP, Global Chief Information Security Officer

Best Buy Co., Inc.

Quinn Shamblin

Director, Enterprise Security Architecture

UnitedHealth Group Inc.

With recent high-profile cyberattacks and disasters, it has become critical for organizations to rapidly detect and remediate security incidents and control gaps. How do you know your team is effective? How do you rally the troops and convey the importance of a swift response? Join Mike Levin for an interactive tabletop session where you will learn how to kick-start security initiatives from the C-suite, and create alliances and improved communication across the business. Walk away with new strategies and techniques for improving your security program.

2:30pm - 3:20pm Executive Boardroom

The Evolution of Identity as the Last Line of Cyber Defense

Judy Hatchett

VP, Information Security & CISO

Fairview Health Services

Jim Stephani

IS Manager

Federated Mutual Insurance Companies

Chris Sullivan

CISO

SecureAuth + Core Security

Cloud-first initiatives are moving infrastructure out of the direct oversight of information-security teams, making identity the last line of defense. As a result, identity access management has evolved from an administrative function to a core security function. But is identity the end all, be all — especially for companies envisioning a hybrid environment as an interim or end-state? Join this interactive session for an exploration of identity’s growing and vital role in modern security architectures. Discuss innovative ways to combine identity analytics with traditional security disciplines to more effectively deter, detect and remediate breaches.

To reserve your seat, please contact:

Christopher Brown at 971-222-2378 or christopher.brown@evanta.com

2:30pm - 3:20pm Executive Boardroom

Cyber Ops — Building an Effective SOC

Bernie Rominski

Director, Information Security

Regis Corporation

James Johnson

CISO

John Deere

Jason Farmer

Advanced Threat Advisor

NETSCOUT | Arbor

When it comes to taking your data from you, cyber criminals never rest. If they can’t get in one way, they will try another. Therefore, when managing incidents for your enterprise, it is critical to ensure that threats and attacks are properly identified, analyzed, communicated, defended, investigated and reported. Join Jason Farmer in this peer-discussion on cyber operations and discover guiding principles for security operations centers, advanced threat detection and enhanced situational awareness.

To reserve your seat, please contact:

Christopher Brown at 971-222-2378 or christopher.brown@evanta.com

3:20pm - 3:40pm Networking Break

3:40pm - 4:20pm Keynote

Security Talent Rewired – a Multi-Disciplinary Approach

Robert Booker

SVP & CISO

UnitedHealth Group Inc.

Security as a discipline and a community faces a series of challenges with one of the most pressing a true shortage of talent and expertise. Robert Booker shares his perspective of how security can evolve in the Minneapolis community. Join him to think critically about the richness of talent and resources in your company. Will tomorrow’s security leaders grow solely from engineering and technology or from as-yet untapped sources? How can collaboration, coaching and culture create an environment where security outcomes are created in a multi-disciplinary manner? Hear how we can incubate talent and thinking for a broad and cross-functional generation of security leaders.

4:20pm - 5:00pm Closing Reception & Prize Drawing