Southern California CISO Executive Summit

June 4, 2019 , Hilton Los Angeles Universal City

June 4, 2019
Hilton Los Angeles Universal City

Collaborate with your peers

Get together with your peers to tackle top business challenges through peer-driven content and discussions at the Southern California CISO Executive Summit.

Join your peers to discuss the most critical issues impacting CISOs today:

Investing in your people and the right technologies 

Innovating with advanced technologies and new delivery models

Influencing business stakeholders and enterprise outcomes

Southern California CISO Governing Body


The Governing Body Co-Chairs shape the summit agenda, ensuring that all content is driven by CISOs, for CISOs.

Co-Chairs

Bently Au headshot

Bently Au

AEG Worldwide
VP, CISO

Nikolay Chernavsky headshot

Nikolay Chernavsky

PennyMac Mortgage Investment Trust
SVP & CISO

Matt Crouse headshot

Matt Crouse

Taco Bell
CISO

Lara Divi headshot

Lara Divi

Dine Brands Global
VP, CISO

Arthur Lessard headshot

Arthur Lessard

Universal Music Group
SVP & CISO

Dan Meacham headshot

Dan Meacham

Legendary
Vice President, Security & Operations

Nick Reva headshot

Nick Reva

Snap Inc.
Security Engineering Lead

Marty Simmons headshot

Marty Simmons

Kite Pharma
Director, IT Security & Compliance

Billy Spears headshot

Billy Spears

loanDepot
SVP, CISO

Terrence Weekes headshot

Terrence Weekes

Jack in the Box, Inc.
CISO

Agenda


June 4, 2019 - morning

7:00am - 7:45am  Registration & Breakfast

7:45am - 8:30am  Keynote

The Next Century of Cybersecurity

Ben Hammersley headshot

Ben Hammersley

Author & Futurist

Ben Hammersley

Today’s breakneck pace of technological disruption is only matched by the flood of sensitive data flowing to the digital realm, and information security leaders are a lighthouse in the storm. What’s next for the CISO, and what’s next for the threat landscape they face? Will new technologies completely rewrite what it means to be a CISO? Join Futurist Ben Hammersley as he shares his meditation on the future of cybersecurity:

  • What should the CISO be preparing for to brace for unprecedented change?
  • What technologies are on the horizon that will revolutionize data protection?
  • What’s next for the bad guys?

8:30am - 9:00am  Networking Break

9:00am - 9:50am  Breakout Session

Corporate Transitions — Navigating Disruptive Cyber Waters

Richard Greenberg headshot

Richard Greenberg

Information Security Officer

Los Angeles County Department of Public Health

Bruce Phillips headshot

Bruce Phillips

SVP, Chief Information Security Officer

Williston Financial Group

Shyama Rose headshot

Shyama Rose

CISO

Avant

Marty Simmons headshot

Marty Simmons

Director, IT Security & Compliance

Kite Pharma

One thing we know for sure, change is constant in our professional worlds. From M&A and company splits to reorgs and business identity changes – how can you keep your organization secure during these shifts? How do you keep disruption to a minimum? In this session, you will:

  • Learn how to create an effective digital growth strategy that supports business goals
  • Identify the implications and impacts of change and risk
  • Discover how to address vulnerabilities

9:00am - 9:50am  Breakout Session

Mission Impossible — So Many Risks, So Little Time

Ladi Adefala headshot

Ladi Adefala

Senior Security Strategist

Fortinet, Inc.

Emerging risks can be unpredictable and disruptive. Fifth Generation (5G) mobile communications, extended reality, smart speakers, drones all offer incredible benefits but they also come with unexpected risks. These are truly the unpredictable unknowns. Anticipating these blind spots can appear impossible in light of the accelerated pace of technology innovations.  In this session, you’ll:

  • Learn about emerging risks
  • Identify impact and implications of these risks
  • Discover strategies to address them

9:00am - 9:50am  Executive Boardroom

Patterns and Anti-Patterns for Practical Applications of AI

Bently Au headshot

Bently Au

VP, CISO

AEG Worldwide

Nick Reva headshot

Nick Reva

Security Engineering Lead

Snap Inc.

Doug Lhotka headshot

Doug Lhotka

Executive Cybersecurity Architect

IBM

Deep Learning. Machine Learning. Artificial Intelligence. These trends can deliver immense dividends, but they also invite new risks. How can CISOs prepare to reap the rewards while also thwarting potential attackers? Join this session to learn how to:

  • See beyond the hype and understand the benefits of AI
  • Use AI to create both long- and short-term business benefits
  • Prevent potential attackers from exploiting the vulnerabilities of new technologies

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs). To reserve your seat, please contact Kody Paine at +1 971-222-2377 or Kody.Paine@evanta.com.

9:00am - 9:50am  Executive Boardroom

Modern Approaches to Protecting Your Third-Party Ecosystem

Steve Schwartz headshot

Steve Schwartz

Director, IT Security

Lionsgate

Mark Van Holsbeck headshot

Mark Van Holsbeck

IT Risk & Security CISO

Avery Dennison

Fred Kneip headshot

Fred Kneip

CEO

CyberGRX

It's no secret that hackers are opportunistic. They are constantly looking for the weakest link and are quick to capitalize on one as soon as it's spotted. This boardroom will discuss:

  • Third-party cyber risk best practices
  • New strategies for third-party cyber risk management (TPCRM) and how they work
  • How to scale your third-party risk management (TPRM) program to evolve with your ecosystem


Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs). To reserve your seat, please contact Kody Paine at +1 971-222-2377 or Kody.Paine@evanta.com.

9:50am - 10:20am  Networking Break

10:20am - 11:10am  Breakout Session

From Zero to 100 — Yamaha’s Race to Cyber Strength

Glenn Coles headshot

Glenn Coles

GM & CIO

Yamaha Motor Corporation, U.S.A.

Douglas Gaboya III headshot

Douglas Gaboya III

Senior Manager and CISO

Yamaha Motor Corporation, U.S.A.

Yamaha Motor Corporation, U.S.A. was admittedly late to the game when it came to cybersecurity, but the creation of a captive finance company with lots of PII required the organization to step on the gas. Discover how the enterprise’s CIO and CISO quickly and efficiently:

  • Put together a program of people, processes and technology
  • Leveraged vendors and tools to jump straight into to the latest and greatest cloud-type solutions
  • Built a SOC, which has no on-premise staff but provides 24-7 coverage, on a shoestring budget

10:20am - 11:10am  Breakout Session

Real World Strategies for a Proactive SOC

Jeff Costlow headshot

Jeff Costlow

Deputy CISO

ExtraHop

Two pillars of a successful and proactive SOC are threat hunting and incident response. The use of network traffic analysis can help improve performance in these two areas, if you can trust the data. In this session, you will learn: 

  • Current attack practices, including abuse of legitimate traffic and encryption
  • How hunters hide from attackers to avoid counter IR maneuvers
  • Ways to make analysts faster and more effective at validating and responding to threats
  • Options for empowering cross-training and on-the-job training to increase analysts' skills
  • Clarity on how gaining visibility into cloud and encrypted traffic

10:20am - 11:10am  Interactive Session

Wear the Black Hat in a Cybersecurity Escape Room

Jennifer Fusco headshot

Jennifer Fusco

Cyber Security Analyst

Boston Scientific

As a security executive, you know how many disparate pieces of information can together leave you vulnerable to hackers. Framed photos. Letters from family. Personal documents tucked away in a drawer. For 50 minutes, you’ll try on the black hat, assuming the role of a hacker trying to access an organization’s most sensitive data.

The catch—you only have 40 minutes to gather all the correct intel to gain access to the data, and you’re limited to the clues around the room.

In this session, be prepared to:

  • Hack a Facebook account using information left behind on employees’ desks
  • Identify which sensitive documents commonly found on employees’ desks can be used to access important accounts
  • Learn a new way to gamify insider threat training

*Please note: This interactive session is limited to 10 attendees.

10:20am - 11:10am  Executive Boardroom

Managing the Convergence of Global Data Regulations

Lara Divi headshot

Lara Divi

VP, CISO

Dine Brands Global

Terrence Weekes headshot

Terrence Weekes

CISO

Jack in the Box, Inc.

Matt Little headshot

Matt Little

Chief Product Officer

PKWARE, Inc.

Information security leaders navigate an increasingly complex matrix of national and foreign data privacy regulations. GDPR caused organizations to scramble to meet data protection directives and reassess risk management through new compliance reporting requirements and potential exposure to financial penalties. Now California has its own Privacy Act set to come into effect, and it’s one of potentially many different pieces of forthcoming regulation and policy. How can organizations create a unified data protection and compliance strategy that meets conflicting requirements? In this session, discuss:

  • The current landscape of data privacy regulation around the world
  • Best practices for managing risk associated with data protection frameworks
  • Standards and metrics for measuring data protection risk
  • Data classification strategies to aid compliance, regardless of regulation

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs). To reserve your seat, please contact Kody Paine at +1 971-222-2377 or Kody.Paine@evanta.com.

10:20am - 11:10am  Executive Boardroom

Translate Complex Cybersecurity Issues into Simple Business Context

Steve Tran headshot

Steve Tran

CISO

MGM Studios

Alan Deeter headshot

Alan Deeter

Director, Enterprise Sales West

BitSight Technologies

It is much easier now to determine what’s important, dangerous and real in your third party ecosystem. Yet, as hacks continue to threaten data and business continuity, the old school of thought around securing the enterprise is no longer relevant. This boardroom will explore:

  • Layering traditional tools and new strategies to define goals and deploy resources
  • Communicate to the board through a holistic risk lens
  • Developing clear business cases connecting business profitability to risk reduction


Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs). To reserve your seat, please contact Kody Paine at +1 971-222-2377 or Kody.Paine@evanta.com.

11:10am - 11:40am  Networking Break

June 4, 2019 - mid-afternoon

11:40am - 12:50pm  Keynote

Phishing Defense — The Art of Human Intuitive Repulsion

Aaron Higbee headshot

Aaron Higbee

CTO & Co-Founder

Cofense, formerly PhishMe

As intuitive human beings we often somehow sense when things aren’t quite right. When a newborn is “too quiet,” a sixth-sense can be more reliable than a baby monitor. What applies to life also applies to cybersecurity. Machine learning and artificial intelligence can weed out some of the threats, but they won't catch everything. Find out why trusting your gut – knowing when to say something when you see something – is a key part of any organization's phishing defense. In this session:

  • Discover security trends, threat-actor tactics and defense strategies across the global financial sector
  • Learn the types of phishing attacks seen in the financial sector
  • See how attackers evolve their tactics to avoid perimeter controls

12:50pm - 1:20pm  Networking Break

1:20pm - 2:10pm  Breakout Session

Diversity and Cybersecurity – Building a More Effective Team

Quincey Collins headshot

Quincey Collins

Chief Security Officer

Sheppard Mullin Richter & Hampton

Lara Divi headshot

Lara Divi

VP, CISO

Dine Brands Global

Tommy Ng headshot

Tommy Ng

IT Security, Risk and Compliance Manager

Dole Packaged Foods

Jerry Sto. Tomas headshot

Jerry Sto. Tomas

CISO

Apria Healthcare

In a world where attracting, hiring and retaining talent is the most significant challenge that security professionals face – we must leave no stone unturned when it comes to staffing our critical information security positions. Don’t miss this opportunity to take diversity and cybersecurity down to its core in an honest, constructive manner. Learn more about:

  • The benefits of diversity and inclusion in your organization
  • Talent retention strategies and techniques
  • Your identity and brand as a company
  • How to build the next generation of security professionals

1:20pm - 2:10pm  Breakout Session

Farewell to the Old Guard – Introducing the Modern Security Architecture

Jason Clark headshot

Jason Clark

Chief Strategy Officer

Netskope

Sean Cordero headshot

Sean Cordero

Head of Cloud Strategy

Netskope

Until now, the information security industry has failed to deliver business empowering security solutions, which enable organizations to quickly and securely transform digitally. Security today is too complicated and draws from a 20-year-old playbook. It needs to be re-written and based on approaches that protect and empower the business. In this session, we will:

  • Share how many of the Fortune 100 are redefining their cloud, network and data security programs
  • Discuss the steps and architectures that are the key to transformation
  • Reimagine your approach to enterprise security, building a new blueprint that can be used for years to come

1:20pm - 2:10pm  Interactive Session

Wear the Black Hat in a Cybersecurity Escape Room

Jennifer Fusco headshot

Jennifer Fusco

Cyber Security Analyst

Boston Scientific

As a security executive, you know how many disparate pieces of information can together leave you vulnerable to hackers. Framed photos. Letters from family. Personal documents tucked away in a drawer. For 50 minutes, you’ll try on the black hat, assuming the role of a hacker trying to access an organization’s most sensitive data.

The catch—you only have 40 minutes to gather all the correct intel to gain access to the data, and you’re limited to the clues around the room.

In this session, be prepared to:

  • Hack a Facebook account using information left behind on employees’ desks
  • Identify which sensitive documents commonly found on employees’ desks can be used to access important accounts
  • Learn a new way to gamify insider threat training

*Please note: This interactive session is limited to 10 attendees.

1:20pm - 2:10pm  Executive Boardroom

Dissecting Recent Breaches and Ensuring Cyber Resiliency

Michael Miora headshot

Michael Miora

SVP & Global CISO

Korn Ferry

Kris Virtue headshot

Kris Virtue

Head, Global Information Security and Risk Management

Qualcomm

Anand Kotti headshot

Anand Kotti

SAP Security Expert

Onapsis

In April 2019, the Department of Homeland Security issued an alert citing "New Exploits for Unsecure SAP Systems" after new exploits, termed "10KBLAZE" were publicly released. While protecting endpoint access, phishing and network monitoring is important, nothing else matters if your core business applications are not a primary strategic component. In this session, we will explore:

  • Why and how ERP applications are actively under attack
  • How cloud, mobile and digital transformations are expanding the attack surface
  • Steps you can take to ensure cyber resiliency and mitigate risk


Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs). To reserve your seat, please contact Kody Paine at +1 971-222-2377 or Kody.Paine@evanta.com.

1:20pm - 2:10pm  Executive Boardroom

Modernizing Your SOC

Anthony Chogyoji headshot

Anthony Chogyoji

CISO

County of Riverside

Dan Meacham headshot

Dan Meacham

Vice President, Security & Operations

Legendary

Nitin Agale headshot

Nitin Agale

SVP, Products & Marketing

Securonix

When it comes to taking your data from you, cyber criminals never rest. If they can’t get in one way, they will try another. A sound Security Operations Center - staffed by the right people and with the right tools - should be a key part of your cyber defense strategy. In this session you will discover how to:

  • Effectively develop your team
  • Automate to reduce workloads and drive efficiency
  • Equip SOC teams to operate within BYOD and Cloud
  • Create strong KPIs and KRIs to measure success


Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs). To reserve your seat, please contact Kody Paine at +1 971-222-2377 or Kody.Paine@evanta.com.

June 4, 2019 - afternoon

2:10pm - 2:30pm  Networking Break

2:30pm - 3:20pm  Breakout Session

Information Technology Governance Through a Comprehensive Governance Library

Ralph Johnson headshot

Ralph Johnson

Chief Information Security Officer

County of Los Angeles

When it comes to aligning IT strategy to the business plan, what gets measured gets done. However, there are so many moving pieces that are critical to ensuring that IT is effectively and efficiently helping organizations reach their goals, it is easy to get overwhelmed. Join Ralph Johnson as he shows you:

  • The importance of implementing a formal IT governance framework
  • How IT governance help you achieve executive buy-in
  • Key components for a comprehensive governance library

2:30pm - 3:20pm  Breakout Session

Cloud Care — Tracking Assets at Your Network Edge

Marshall Kuypers headshot

Marshall Kuypers

Director of Cyber Risk

Expanse

The proliferation of cloud technologies has created new classes of risk for organizations. It’s easier than ever for employees to circumvent security processes. Furthermore, the distributed nature of cloud makes it difficult for IT teams to detect exposures. In this session:

  • Discover common cloud risks, their causes, and why they’re risky
  • Learn strategies to identify rogue IT devices
  • Find out ways to stop rogue IT devices from proliferating in the first place

2:30pm - 3:20pm  Interactive Session

Wear the Black Hat in a Cybersecurity Escape Room

Jennifer Fusco headshot

Jennifer Fusco

Cyber Security Analyst

Boston Scientific

As a security executive, you know how many disparate pieces of information can together leave you vulnerable to hackers. Framed photos. Letters from family. Personal documents tucked away in a drawer. For 50 minutes, you’ll try on the black hat, assuming the role of a hacker trying to access an organization’s most sensitive data.

The catch—you only have 40 minutes to gather all the correct intel to gain access to the data, and you’re limited to the clues around the room.

In this session, be prepared to:

  • Hack a Facebook account using information left behind on employees’ desks
  • Identify which sensitive documents commonly found on employees’ desks can be used to access important accounts
  • Learn a new way to gamify insider threat training

*Please note: This interactive session is limited to 10 attendees.

2:30pm - 3:20pm  Executive Boardroom

Evolution of an Integrated Cybersecurity Office — A CIO-CISO Perspective

Matt Crouse headshot

Matt Crouse

CISO

Taco Bell

Arthur Lessard headshot

Arthur Lessard

SVP & CISO

Universal Music Group

Ellen Sundra headshot

Ellen Sundra

VP, Americas, Systems Engineering

ForeScout Technologies, Inc.

The hyper-growth of IoT across the enterprise is forcing leaders to reassess how they secure their networks. Recent Forrester research has unveiled some hidden technical and organizational challenges IT professionals should be aware of when managing their overall security framework. In this interactive session:

  • Discuss effective strategies for devising information risk and value metrics
  • Learn and share what organizations can do to better defend IoT-enabled systems from cyberattacks
  • Find out how to mature the SOC into an Integrated Cybersecurity Fusion Center

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs). To reserve your seat, please contact Kody Paine at +1 971-222-2377 or Kody.Paine@evanta.com.

2:30pm - 3:20pm  Executive Boardroom

Maintaining Efficiency in the Secure Enterprise

Webb Deneys headshot

Webb Deneys

CISO

Stearns Lending

Christopher Hymes headshot

Christopher Hymes

Head of Information Security and Data Protection Officer

Riot Games, Inc.

Sean Frazier headshot

Sean Frazier

Advisory CISO - Federal

Duo Security

What tactics and technologies are effective in securing the enterprise without putting up barriers to business operations? During this interactive roundtable discussion, security leaders share strategies that maximize security while minimizing business bottlenecks. In this session, you will:

  • Define shared pain points where security controls are slowing business processes
  • Share ideas and best practices for reducing friction from security controls
  • Address ways to gain buy-in across the business when bottlenecks are unavoidable


Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs). To reserve your seat, please contact Kody Paine at +1 971-222-2377 or Kody.Paine@evanta.com.

3:20pm - 3:40pm  Networking Break

3:40pm - 4:20pm  Keynote

Future Forward – Keeping Ahead of the Privacy Wave

Kimberly Ebright headshot

Kimberly Ebright

VP & Chief Privacy Officer

loanDepot

Aaron Mendelsohn headshot

Aaron Mendelsohn

Director & Chief Data Privacy Officer

Ingram Micro

Zoe Philippides headshot

Zoe Philippides

Chief Privacy Officer

Amgen

Todd Friedman headshot

Todd Friedman

CISO

ResMed

As the topic of privacy moves to center stage with the implementation of new data protection laws and regulations such as GDPR and the California Consumer Privacy Act, CISOs find themselves struggling to maintain compliance in addition to keeping their organizations secure. Are you ready for the next wave of changes? Join this dynamic panel as they discuss:

  • How privacy regulation continues to change our approaches to business
  • How you can effectively communicate the importance of security during privacy policy shifts
  • Tools and resources that can help you deal with privacy transitions

4:20pm - 5:00pm  Closing Reception & Prize Drawing

Location


Venue & Accommodation

Hilton Los Angeles Universal City

Your Community Partners


National Thought Leaders
Keynote Sponsor

Southern California CISO Program Manager


For inquiries related to this event, please reach out to your dedicated program manager.

Kody Paine

971-222-2377

kody.paine@evanta.com