IN-PERSON

Minneapolis CISO Executive Summit

December 10, 2019 | Hilton Minneapolis

December 10, 2019
Hilton Minneapolis

Collaborate with your peers

Get together with your peers to tackle top business challenges through peer-driven content and discussions at the Minneapolis CISO Executive Summit.

Join your peers to discuss the most critical issues impacting CISOs today:

Strategies for a risk-aligned, resilient organization

Developing and investing in the security workforce of tomorrow

Creating business value and supporting agile business operations

Minneapolis CISO Governing Body


The Governing Body Co-Chairs shape the summit agenda, ensuring that all content is driven by CISOs, for CISOs.

Co-Chairs

Douglas DeGrote

Allianz Life Insurance Company of North America
CISO

Patrick Joyce

Medtronic plc
VP, Global IT & CSO

Michael Kearn

U.S. Bank
VP, Managing Business Information Security Officer Security Risk & Technology Consulting

Tris Lingen

3M
Chief Information Security Officer

Jim O'Conner

Cargill, Inc.
CISO

Kathy Orner

CWT
Chief Risk Officer

Agenda


December 10, 2019

7:00am - 7:45am  Registration & Breakfast

7:45am - 8:00am  Opening Comments

8:00am - 8:30am  Keynote

Criminal Perspectives – Past, Present and Future of Cybercrime

Brett Johnson headshot

Brett Johnson

Former US Most Wanted Cybercriminal and Original Internet Godfather

If you want to know about crime, ask a cybercriminal. Join "The Original Internet Godfather" Brett Johnson for a one-of-a-kind presentation on security and leadership in the new threat landscape. Considered one of the best social engineers in the world, he will share how he learned to live on the right side of the law. 

In this keynote, Brett will dive into:

  • The current state of crime and common flags, from synthetic fraud to account takeovers
  • The power of organized networks – for good or harm – and ways to disrupt criminals
  • What’s next, and what you can do to protect yourself and your business

8:30am - 9:00am  Networking Break

9:00am - 9:50am  Breakout Session

Creating a Strong Line of Defense Through Awareness

Jeff Weeks headshot

Jeff Weeks

SVP and CISO

First National of Nebraska, Inc.

Awareness is the number one tool in our information security arsenal to combat information security threats. One user, one click, and millions of dollars of technical defenses can be defeated. First National Bank has an aggressive security training and awareness campaign, engaging employees through multiple avenues year-round. Jeff Weeks shares his strategies on protecting employees at home and work through elevated security consciousness. 

In this session, learn: 

  • The value of branding information security
  • The personal touch you can bring to security awareness
  • How to transform security into an enabler for business units

9:00am - 9:50am  Breakout Session

Digital Risk Explosion — Managing Risk in a Hyper-Outsourcing World

Peter Kobs headshot

Peter Kobs

EVP

RiskRecon

Digital transformation has dramatically transformed the enterprise risk surface, automating a vast array of processes while outsourcing a vast array of systems and services. Through this frenetic reshaping, few organizations truly understand the nature of their new risk reality and how to successfully manage it.

In this interactive discussion we will:

  • Explore the true nature of the enterprise cyber risk surface
  • Discuss threats and regulations driving organizations to better manage their extended enterprise
  • Share insights on how to better manage third-party risk (hint: good data!)

9:00am - 9:50am  Executive Boardroom

Next-Generation Cloud Security

Steven Scarbrough headshot

Steven Scarbrough

Enterprise Security Architect

Daktronics

Tony Taylor headshot

Tony Taylor

CISO

Land O'Lakes

Steve Quane headshot

Steve Quane

Chief Product Officer

Trend Micro Incorporated

As organizations increasingly turn to cloud-based services to enable the next phase of digital transformation, security leaders face the challenge of ensuring the enterprise’s data remains secure. Join this session to learn the emerging best practices your peers employ to secure the cloud, including:

  • Automation via APIs, orchestration, AI and Machine Learning strategies
  • Ways to incorporate the Cloud into a fully articulated security strategy
  • Configuring Cloud environments to meet regulation and compliance requirements

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to C-level executives). To reserve your seat, please contact your event Program Manager Joey Freedman at joey.freedman@evanta.com or 971-978-5009.

9:50am - 10:20am  Networking Break

10:20am - 11:10am  Interactive Session

Measuring Up — An Interactive Benchmarking Discussion

Aimee Martin headshot

Aimee Martin

Sr. Manager, IT Security & Governance, Risk and Compliance (GRC)

Vista Outdoor

One of the best ways to push yourself is to know where you stand among your peers and allow them to challenge your assumptions. But even if you have a speed-dial full of trusted associates, this type of information sharing can be piecemeal and infrequent.

In this interactive session, you will:

  • Benchmark your processes around the community’s most pressing priorities
  • Compare your priorities with a cross-section of your peers

10:20am - 11:10am  Breakout Session

Defense in Diversification — Think Differently About Data

Tom Stitt headshot

Tom Stitt

Senior Director, Product Marketing - Security

ExtraHop

The rush to innovate has resulted in more sophisticated threat defenses, but it has also created a complex web of tools that must be managed by an already overworked and understaffed security team. Heterogeneity of defense systems is itself a defense, so modern security teams need to approach consolidation differently.

In this session, attendees will learn how:

  • Data-first approaches to security architectures illuminates natural consolidation points
  • Cross-collaboration within the IT organization improves security posture and reduce tool sprawl
  • Leveraging other parts of the organization improves security posture through smarter processes and practices

10:20am - 11:10am  Executive Boardroom

Modern Approaches to Protecting Your Third-Party Ecosystem

Judy Hatchett headshot

Judy Hatchett

VP, Information Security & CISO

Fairview Health Services

Jerry Clayton headshot

Jerry Clayton

VP Sales & Customer Enablement

CyberGRX

It's no secret that hackers are opportunistic. They are constantly looking for the weakest link and are quick to capitalize on one as soon as it's spotted.

This boardroom will discuss:

  • Third-party cyber risk best practices
  • New strategies for third-party cyber risk management (TPCRM) and how they work
  • How to scale your third-party cyber risk management (TPCRM) program to evolve with your ecosystem

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to C-level executives). To reserve your seat, please contact Joey Freedman at 971-978-5009 or joey.freedman@evanta.com.

11:10am - 11:40am  Networking Break

11:40am - 12:20pm  Lunch & Comments

12:20pm - 12:50pm  Keynote

Farewell to the Old Guard – Introducing the Modern Security Architecture

Jason Clark headshot

Jason Clark

CSO

Netskope

Until now, the information security industry has failed to deliver business empowering security solutions, which enable organizations to quickly and securely transform digitally. Security today is too complicated and draws from a 20-year-old playbook. It needs to be re-written and based on approaches that protect and empower the business. In this session, we will:

  • Share how many of the Fortune 100 are redefining their cloud, network and data security programs
  • Discuss the steps and architectures that are the key to transformation
  • Reimagine your approach to enterprise security, building a new blueprint that can be used for years to come

12:50pm - 1:20pm  Networking Break

1:20pm - 2:10pm  Breakout Session

Synthetic Fraud and Cybercrime - An Interactive Workshop

Brett Johnson headshot

Brett Johnson

Former US Most Wanted Cybercriminal and Original Internet Godfather

Brett Johnson follows his opening keynote with a conversation on the organization of cybercrime, how to stop it, and the problems of synthetic identity fraud. This session is designed to be a solutions-oriented group effort to deep dive into the issues of organized cybercrime and synthetic fraud.

In this session, learn: 

  • The criminal side of synthetic fraud and what worries fraudsters about these crimes
  •  How cybercrime is organized, and why it’s so successful and hard to stop
  •  The overall mindset of online criminals
  •  Which tools work and which don't against cybercriminals

1:20pm - 2:10pm  Breakout Session

Bridging the Gap on Cybersecurity Talent

Tammylynne Jonas headshot

Tammylynne Jonas

Global CIO

Self Esteem Brands

Britt Lindley headshot

Britt Lindley

VP & CISO

Thrivent Financial

Harshal Mehta headshot

Harshal Mehta

VP, CISO

CWT

Mark Ritchie headshot

Mark Ritchie

President

Global Minnesota

With 0% unemployment in cybersecurity, recruiting, hiring and retaining talent provides a consistent challenge. Join this panel of peers for a discussion on challenges that come with building and retaining a successful team. In this session, the panel will discuss:

  • How to use a wide range of security positions to attract talent
  • Strategies to make security an attractive career opportunity
  • How to retain top talent once they're hired on

1:20pm - 2:10pm  Executive Boardroom

Cyber Resiliency — Evolving Your Cyber Ecosystem

Betty Elliott headshot

Betty Elliott

Partner & CISO

Mercer

Jeff Johnson headshot

Jeff Johnson

Director, IT Security

Digi-Key Electronics

Mase Issa headshot

Mase Issa

Director, Service Delivery

Expel

Managing and mitigating risk is a complex undertaking that spans phishing to networking monitoring. Faced with increasingly complex and sophisticated threats, CISOs must be strategic about improving their resilience and tracking improvements.

Join this boardroom to discuss:

  • Best practices for identifying, investigating and responding to threats
  • Different models for running your security operations capabilities
  • The importance of measuring improvements in your program

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to C-level executives). To reserve your seat, please contact your event Program Manager Joey Freedman at joey.freedman@evanta.com or 971-978-5009.

1:20pm - 2:10pm  Executive Boardroom

Communicating Risk – Translating Insight Into Action

Linda Goettler headshot

Linda Goettler

CISO

City of Saint Paul

Greg Matthias headshot

Greg Matthias

EVP, CISO

TCF Bank

Unlike the CISO role of just a few years ago – where many could still focus heavily on the bits and bytes – today’s security leader is also expected to be a business leader. Uncover strategies with your peers to help you become fluent in the languages of risk, finance and strategy, and to effectively convey your message, including:

  • How to educate your board on cybersecurity so they become champions for security in your company
  • What the board really wants to hear from CISOs
  • Which metrics will help you craft a compelling story that inspires action

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to C-level executives). To reserve your seat, please contact your event Program Manager Joey Freedman at joey.freedman@evanta.com or 971-978-5009.

2:10pm - 2:30pm  Networking Break

2:30pm - 3:20pm  Breakout Session

Trust and Transformation — Employing a Cybersecurity Framework

Mandy Huth headshot

Mandy Huth

VP, Cybersecurity

Kohler Co.

 As organizations continue to evolve, cybersecurity is oftentimes viewed as a barrier to innovation. Join Mandy Huth as she shares how she implemented the framework for a consistent cybersecurity program and changed the way Kohler perceives security.

In this session, you’ll learn how to:

  • Effectively use a cybersecurity framework to execute your strategy
  • Improve business engagement with risk assessments
  • Add consistency to measuring controls

2:30pm - 3:20pm  Executive Boardroom

Thinking Beyond the Password

Darren Hibbard headshot

Darren Hibbard

Information Security Manager

Winnebago Industries

Aimee Martin headshot

Aimee Martin

Sr. Manager, IT Security & Governance, Risk and Compliance (GRC)

Vista Outdoor

The end user experience needs to be on the forefront for any organization. Whether internal or external, both seamless and secure access is necessary in today's technology landscape.  What challenges do we as CISOs face as information and accounts are accessed through multiple IPs?

  • Come together with your peers to discuss:
  • How do we merge both a seamless and secure point of access?
  • What are future technologies that can adapt and evolve with business and customer needs? 
  • How secure is too secure? 

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to C-level executives). To reserve your seat, please contact your event Program Manager Joey Freedman at joey.freedman@evanta.com or 971-978-5009.

2:30pm - 3:20pm  Executive Boardroom

Regulation & Privacy – Beyond GPDR

Jonathan May headshot

Jonathan May

Senior Security Lead

Mortenson

Michael Musto headshot

Michael Musto

Deputy Chief Security Officer

3M

Since its enforcement date, GDPR has changed the way CISOs think about privacy risk management. In addition, it became a catalyst for new data protection laws and regulations. Compare and contrast best practices for your industry, business and regulatory environment in this session, including:

  • How to interpret the implications of regulatory requirements 
  • Practical tips and lessons to manage privacy risk
  • How privacy risk management fits into your organization’s overall security ecosystem

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to C-level executives). To reserve your seat, please contact your event Program Manager Joey Freedman at joey.freedman@evanta.com or 971-978-5009.

3:20pm - 3:40pm  Networking Break

3:40pm - 3:50pm  Closing Comments

3:50pm - 4:20pm  Keynote

Less Is More – Effective Reporting to the Board

Jesse Horowitz headshot

Jesse Horowitz

EVP, Head of Enterprise Information Security Risk Management Oversight

Wells Fargo Bank

A growing number of boards are making the topic of cybersecurity a key part of their discussions. It has become fundamental for CISOs to provide them with visibility and clearly articulate how risk is being managed in well-defined business terms. Jesse Horowitz from Wells Fargo Bank shares his strategy for effectively communicating metrics and risk to the board.

In this session, learn to:

  • Articulate and define your story 
  • Define dollar amounts into risk
  • Position security as an enabler of the business

4:20pm - 5:00pm  Closing Reception & Prize Drawing

December 10, 2019

Location


Venue & Accommodation

Hilton Minneapolis

Your Community Partners


National Thought Leaders
National Sponsors
Local Sponsors

Community Program Manager


For inquiries related to this community, please reach out to your dedicated contact.

Joey Freedman

Program Manager

971-978-5009

joey.freedman@evanta.com