New York CISO Executive Summit

November 12, 2019 | New York Hilton Midtown

November 12, 2019
New York Hilton Midtown

Collaborate with your peers

Get together with your peers to tackle top business challenges through peer-driven content and discussions at the New York CISO Executive Summit.

Join your peers to discuss the most critical issues impacting CISOs today:

Strategies for a risk-aligned, resilient organization

Developing and investing in the security workforce of tomorrow

Creating business value and supporting agile business operations

New York CISO Governing Body


The Governing Body Co-Chairs shape the summit agenda, ensuring that all content is driven by CISOs, for CISOs.

Co-Chairs

Zouhair Guelzim

L'Oreal
VP & CISO

Raymond Lipps

Celgene Corporation
Executive Director & CISO, Global Information Security

Tod Mitchinson

New York Life Insurance
VP & CISO

Michael Palmer

Hearst Corporation
Chief Information Security Officer

Deborah Snyder

New York State
CISO

Kylie Watson

Sumitomo Mitsui Banking Corporation
CISO

Teresa Zielinski

GE Power
Senior VP, Chief Information Security Officer & Product Security

Agenda


November 12, 2019 - morning

7:30am - 8:00am  Registration & Breakfast

7:45am - 8:00am  Opening Comments

8:00am - 9:00am  Keynote

On the Edge – The Art of High-Impact Leadership

Alison Levine headshot

Alison Levine

Author & Thought Leader, "On the Edge"

Alison Levine

Imagine yourself on the highest mountain in the world. You have to deal with the physiological effects of extreme altitude--along with bone-chilling temperatures, battering winds, and a climbing team that's counting on all of its members to make smart decisions. There's simply no room for poor judgment-- one mistake or misstep can result in an "unrecoverable error." In any situation where lives on are the line or the stakes are exceptionally high--there's no better training ground for leaders than settings where people are pushed beyond their perceived limits. 

Drawing on her experience as team captain of the first American Women's Everest Expedition, Alison Levine makes a compelling case that the leadership principles that apply in the world of extreme adventure also apply to today's rigorously competitive business environments.


9:00am - 9:20am  Networking Break

9:20am - 10:10am  Interactive Session

Prepare for a Major Cyber Attack – A Tabletop Exercise

Michael Cena headshot

Michael Cena

Vice President, Head of Cyber Security

A+E Networks

Teresa Zielinski headshot

Teresa Zielinski

Senior VP, Chief Information Security Officer & Product Security

GE Power

 Most CISOs feel comfortable managing the minor security incidents with standardized processes, but what about major incidents that shake the very foundations of your organization? Such crises can be career-changing. 

Join this workshop to:

  • Learn the basic building blocks of effective cybersecurity crisis response
  • Share challenges and best practices in managing major security events
  • Benchmark against your peers and identify lessons learned


Attendees must register for this session. Seating is limited to 50 people and priority is given to CISOs. 


9:20am - 10:10am  Breakout Session

Managing Customer Identity in the Era of CCPA

Marc Varner headshot

Marc Varner

VP & Global CISO

YUM! Brands

Patrick Sullivan headshot

Patrick Sullivan

CTO, Advanced Technology Group (Security)

Akamai Technologies, Inc.

As we inch closer to the end of 2019 and into 2020, privacy is top of mind for individuals and businesses alike. Approximately a year and a half after the EU adopted GDPR, California is introducing the California Consumer Privacy Act (CCPA) which will impact how companies do business in California. Join Marc Varner, Corporate VP and Global CISO, Yum! Brands, Inc. and Patrick Sullivan, Senior Director, Security Technology & Strategy at Akamai for a lively discussion where they’ll uncover the challenges and opportunities with managing customer identity in this era of evolving privacy regulations.

9:20am - 10:10am  Executive Boardroom

The Next Great Security Challenge — Securing SD-WAN

Chirag Arora headshot

Chirag Arora

Chief Information Security Officer

Crum & Forster

John Whiting headshot

John Whiting

Global Chief Security Officer

DDB Worldwide

Nada MacKinney headshot

Nada MacKinney

Product Marketing Manager, Cisco Cloud Security

Cisco Umbrella

The market consideration and adoption of software-defined WAN (SD-WAN) represents the largest networking transformation in recent history. Organizations are turning to SD-WAN to improve connectivity, reduce costs, and simplify management at their branch office locations. But what about security?

In this boardroom, you will discuss:

  • Embracing change — the pros and cons
  • Addressing weaknesses within brand offices and roaming users
  • Keeping security top of mind for business leaders

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs). To reserve your seat, please contact: Brad Campbell at 971-9785-070 or brad.campbell@evanta.com

9:20am - 10:10am  Executive Boardroom

Vulnerability Management - Prioritizing Zero-Day Threats

Mark Ramsey headshot

Mark Ramsey

CISO, ASSA ABLOY–Americas

ASSA ABLOY

Tomas Maldonado headshot

Tomas Maldonado

VP & CISO

International Flavors & Fragrances

Alexei Pivkine headshot

Alexei Pivkine

Technical Director

Snyk

Identifying, classifying and mitigating vulnerabilities continues to be a cornerstone of CISOs overarching risk management strategy. But how are you prioritizing and mitigating zero-day vulnerabilities?

Join your peers in this engaging roundtable discussion to learn how to:

  • Ensure your open-source components and containers live in an active inventory
  • Decrease your time to remediate vulnerabilities by leveraging new approaches, tools and people
  • Empower developers to adopt a security mindset and integrate them into the entire process

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs). To reserve your seat, please contact: Brad Campbell at 971-9785-070 or brad.campbell@evanta.com

10:10am - 10:30am  Networking Break

10:30am - 11:20am  Breakout Session

Security in the Regulatory Age – How (and When) to Involve Legal

Kim Peretti headshot

Kim Peretti

Cyber and Data Security Lawyer

Alston & Bird

Eric Staffin headshot

Eric Staffin

Managing Director, Chief Information Security Officer

IHS Markit

As the number of compliance regulations increases, so does the complexity of a CISO’s role. The risks are higher for organizations if a compromise occurs. For that reason, CISOs not only have to structure their security strategy in new ways, but learn to effectively integrate legal into their cyber programs. 

In this session, you’ll learn:

  •  The soft skills necessary for working with your legal officer
  • The art of cybersecurity preparedness into today’s regulation-heavy world
  • The role legal should play during a data breach


10:30am - 11:20am  Breakout Session

Defense in Diversification and the Proactive SOC

John Matthews headshot

John Matthews

CIO

ExtraHop

 The rush to innovate has resulted in more sophisticated threat defenses, but it has also created a complex web of tools that must be managed by an already overworked and understaffed security team. Heterogeneity of defense systems is itself a defense, so modern security teams need to approach consolidation differently.
In this session, attendees will learn how:

  • Data-first approaches to security architectures illuminates natural consolidation points
  • Cross-collaboration within the IT organization improves security posture and reduce tool sprawl
  • Leveraging other parts of the organization improves security posture through smarter processes and practices


10:30am - 11:20am  Executive Boardroom

Cyber-Risk Management–New Approaches for Reducing Your Cyber-Exposure

Ken Brothers headshot

Ken Brothers

VP & Director, Information Security Services

Federal Home Loan Bank Of New York

Bryan Chnowski headshot

Bryan Chnowski

Senior Director - Information Security

Nuvance Health

Kevin Flynn headshot

Kevin Flynn

Senior Product Manager

Tenable

When it comes to reducing cyber risk, overcoming vulnerability overload is critical. Find out how predictive prioritization will improve your vulnerability management efforts so you can focus on what matters most to your business. During this peer-discussion you will explore:

  • How to use threat intelligence to move the most dangerous vulnerabilities up your priority list
  • The resources required to effectively assess your environment and prioritize your efforts in a predictive manner
  • Practices that will help you take appropriate actions to make your organization more secure
  • How to make your staff more efficient by drastically reducing the number of high priority vulnerabilities they need to remediate

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs). To reserve your seat, please contact: Brad Campbell at 971-9785-070 or brad.campbell@evanta.com

10:30am - 11:20am  Executive Boardroom

Digital Risk Explosion — Managing Risk in a Hyper-Outsourcing World

Patrick Park headshot

Patrick Park

Director, information Security & CISO

Milbank

Daniel Gorecki headshot

Daniel Gorecki

CISO

Aramark

Eric Blatte headshot

Eric Blatte

President & Co-Founder

RiskRecon

Digital transformation has dramatically transformed the enterprise risk surface, automating a vast array of processes while outsourcing a vast array of systems and services. Through this frenetic reshaping, few organizations truly understand the nature of their new risk reality and how to successfully manage it.

In this interactive discussion we will:

  • Explore the true nature of the enterprise cyber risk surface
  • Discuss threats and regulations driving organizations to better manage their extended enterprise
  • Share insights on how to better manage third-party risk (hint: good data!)

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs). To reserve your seat, please contact: Brad Campbell at 971-9785-070 or brad.campbell@evanta.com

November 12, 2019 - mid-afternoon

11:20am - 11:45am  Networking Break

11:45am - 12:30pm  Lunch & Comments

Lunch & Interactive Discussion

  • Security operations
    • What is the maturity of your security operations program?
    • What is your process for building an operational playbook?
    • What KPIs or KRIs do you use to measure success?
  • Communication and awareness
    • How do you approach security with a holistic lens?
    • What are some of the challenges that you face when communicating with the C-suite and/or your business teams?
    • How do you evaluate, communicate and demonstrate the ROI of a proposed initiative or tool?
  • Access and Identity Management
    • What strategies and tools are you using to improve visibility into your systems?
    • How are you integrating the user experience with security?
    • How are you measuring the success of your access management program?
  • Governance and privacy
    • How are you responding to/preparing for regulatory changes?
    • How do you balance compliance with business requirements?
    • What standards and metrics are you using to measure risk?
  • Talent and developing leaders
    • What are some tangible strategies for creating and developing new talent resources?
    • What best practices exist for retaining talent, once secured?
    • How are you developing your future leaders? What succession plan strategies do you have in place?

12:30pm - 1:00pm  Keynote

Accelerating Security to the Speed of Business

David Roth headshot

David Roth

Vice President, US Northeast

Trend Micro Incorporated

Today’s business world is agile-driven, and various technology advancements have emerged to enable this agility including clouds, DevOps, containers and serverless architectures. In this environment, security leaders must rethink security success across a technology landscape teeming with automation and constant change. Join us for this session to understand strategies designed to meet today’s security objectives -- and at the speed the business requires.

Roth will cover:

  • How to incorporate a new engagement model
  • What it means to write code to automate security, infrastructure = code
  • Leveling up your team, what does it mean?

1:00pm - 1:20pm  Networking Break

1:20pm - 2:10pm  Breakout Session

Privacy and Security – A Crucial Collaboration

Orrie Dinstein headshot

Orrie Dinstein

Global Chief Privacy Officer

Marsh & McLennan Companies, Inc.

Meredith Grauer headshot

Meredith Grauer

Chief Privacy Officer

Nielsen

Jon Westlund headshot

Jon Westlund

Privacy Counsel

Pfizer

Tomas Maldonado headshot

Tomas Maldonado

VP & CISO

International Flavors & Fragrances

As the topic of privacy moves to center stage with the implementation of new data protection laws and regulations such as GDPR and the California Consumer Privacy Act, CISOs find themselves struggling to maintain compliance in addition to keeping their organizations secure. Are you ready for the next wave of changes? Join this dynamic panel as they discuss:

  • How privacy regulation continues to change our approaches to business
  • How you can effectively communicate the importance of security during privacy policy shifts
  • Tools and resources that can help you deal with privacy transitions

1:20pm - 2:10pm  Breakout Session

Artificial Intelligence vs. Malware

Douglas Santos headshot

Douglas Santos

Cybersecurity Strategist

Fortinet, Inc.

Due to the wide range of readily available resources for creating malicious payloads, such as coders for hire and SaaS, malware is an exponentially growing issue. Douglas Santos will dive into the functioning and operational game changers of both AI and malware. 

Join this session to uncover: 

  • The history and workings of AI 
  • Deep machine learning neural networks 
  • The future of these systems in fighting cybercrime


1:20pm - 2:10pm  Executive Boardroom

Preparing the Next-Gen Workforce

Mark Connelly headshot

Mark Connelly

CISO

Boston Consulting Group

Max Vetter headshot

Max Vetter

Chief Cyber Officer

Immersive Labs

Talent needs are like security threats—plentiful, complex and ever-evolving. CISOs know that skills learned in the classroom doesn’t match the pace of cybersecurity, but what are strategies for developing effective and successful teams for the future?

Join this interactive session to learn how to:

  • Enable your workforce to continuously evolve cyber skills
  • Map your organization’s cyber skills directly to your security strategy
  • Reskill talent to evolve with the security landscape

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs). To reserve your seat, please contact: Brad Campbell at 971-9785-070 or brad.campbell@evanta.com

1:20pm - 2:10pm  Executive Boardroom

Military Principles – Protecting and Defending the Cyber Domain

Tariq Habib headshot

Tariq Habib

CISO

Metropolitan Transportation Authority

James O'Shea headshot

James O'Shea

Head of Cybersecurity Strategy

Prudential

John Burger headshot

John Burger

CISO and Vice President of IT Infrastructure

ReliaQuest

Now more than ever, business leaders and cyber security professionals are looking to the military as a source of insight for protecting and defending the cyber domain. Many warfighting principles remain relevant to this new “manmade” domain, but there are pitfalls and nuances – and security technology alone is not the answer. 

In this session you’ll discuss:

  • What principles can be applied and how best to implement them
  • How to balance the difference in tool proliferation and complexity
  • Where to focus your team on simplifying across the organization

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs). To reserve your seat, please contact: Brad Campbell at 971-9785-070 or brad.campbell@evanta.com

November 12, 2019 - afternoon

2:10pm - 2:30pm  Networking Break

2:30pm - 3:20pm  Breakout Session

How CDOs and CISOs Can Drive Business Forward

Adam Hirsch headshot

Adam Hirsch

SVP, Information Security

PVH Corp.

Santosh Kudva headshot

Santosh Kudva

VP, Data & Analytics

GE Power

CDOs and CISOs often have conflicting goals – one wants to glean insights from it, while the other wants to protect it. How can one enable a data-driven business while still safeguarding valuable information?

In this session, hear a CISO and CDO discuss:

  • How CISOs can effectively partner with their heads of data
  • What questions CISOs should be asking their CDOs
  • Ways to secure the business without hindering it
  • Understanding and communicating data and security needs


2:30pm - 3:20pm  Breakout Session

How Low-Tech Hackers Hack Your APIs in 15 Min or Less

Himanshu Dwivedi headshot

Himanshu Dwivedi

CEO

Data Theorem

It’s not easy to protect something you don’t know exists. Hidden APIs are no different. While CISOs know APIs are targets for attacks, they can’t protect what they don’t know is there. How can CISOs more quickly find existing, hidden APIs and protect them from potential attacks?

In this session, learn:

  • Why and how shadow APIs are targeted by attackers
  • How to quickly find and protect shadow APIs from threats
  • Why protecting APIs should be a priority for CISOs


2:30pm - 3:20pm  Executive Boardroom

Identifying and Securing Unstructured Data

Jeff Brown headshot

Jeff Brown

CISO, Life & Retirement

AIG

Greg Kyrytschenko headshot

Greg Kyrytschenko

VP Deputy CISO - Head of Security Services

Guardian Life

Jeremiah Steptoe headshot

Jeremiah Steptoe

Founder

CyberCentric

Organizations are challenged with how to implement security and privacy requirements across their growing inventory of unprotected unstructured data. Unstructured data in the form of sensitive documents including intellectual property and PII is the “wild west” of data security and privacy as it travels freely internal and external to the organization.

Join your peers in this engaging roundtable discussion to explore:

  • The key differences – and complexities - between structured & unstructured data
  • Challenges securing sensitive data in the cloud
  • How regulations such as GDPR is changing the data security landscape

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs). To reserve your seat, please contact: Brad Campbell at 971-9785-070 or brad.campbell@evanta.com

3:20pm - 3:40pm  Networking Break

3:40pm - 3:50pm  Closing Comments

3:50pm - 4:20pm  Keynote

The Predictions Panel – A Look at Future Threats

James O'Shea headshot

James O'Shea

Head of Cybersecurity Strategy

Prudential

Tomas Maldonado headshot

Tomas Maldonado

VP & CISO

International Flavors & Fragrances

Mark Ramsey headshot

Mark Ramsey

CISO, ASSA ABLOY–Americas

ASSA ABLOY

To truly safeguard an organization, CISOs mustn’t merely focus on existing threats, but future ones, too. They must ask themselves – what's on the horizon? 

At the precipice of a new decade, prepare to: 

  • Hear a panel of CISOs predict the biggest threats of 2020
  • Share your own threat predictions for 2020
  • Discuss critical changes in the next 5 years and – more importantly – how to prepare for them

4:20pm - 5:00pm  Closing Reception & Prize Drawing

Location


Venue & Accommodation

New York Hilton Midtown

Your Community Partners


National Thought Leaders
National Sponsors

New York CISO Program Manager


For inquiries related to this event, please reach out to your dedicated program contact.

Brad Campbell

Program Manager

971-978-5070

brad.campbell@evanta.com