IN-PERSON

Atlanta CISO Executive Summit

June 19, 2018 | St. Regis, Atlanta

June 19, 2018
St. Regis, Atlanta

Governing Body Agenda Location Partners Contact

Governing Body Co-Chairs

Tim Callahan

Aflac
SVP & Global Chief Security Officer

John Dickson

Republic National Distributing Company
VP, IT Infrastructure & Cybersecurity

Lynda Fleury

Unum
VP & CISO

David Levine

Ricoh USA, Inc.
VP, Information Security & CISO

Wayne Proctor

WestRock
VP, Information Security

Vladimir Svidesskis

Georgia Lottery Corporation
Information Security Director

Dan Webber

UST Global
CISO

Agenda

June 19, 2018

morning mid-afternoon afternoon

7:00am - 7:45am Registration & Breakfast

7:45am - 8:30am Keynote

A COO Perspective – IT Security as a Business Enabler

Virgil Miller

EVP & COO, Aflac U.S.; President, Aflac Group

At Aflac, security is not an IT issue to be solved – it’s a business imperative. Virgil Miller, EVP and COO, Aflac U.S.; president, Aflac Group, talks about the solid relationship he has with Aflac’s CISO. He shares the security team’s model for engaging business executives so he and other business leaders can understand the many ways security enables – not impedes – business. Without a solid security program in place, Miller explains, Aflac would have missed out on landing major accounts and sustaining growth opportunities.

8:30am - 9:00am Networking Break

9:00am - 9:50am Breakout Session

Back to Basics – Shoring Up the IT Security Foundation

Katie Ewers

Director, Cybersecurity Active Defense, Alpharetta iSOC

McKesson Corporation

Mike Marsilio

Information Security & Compliance Officer

Paradies Lagardère

David Nolan

Director Information Security

Aaron's Inc.

Like any good house, having a solid foundation sets up the rest of the construction for success. Our panelists share their passion for a continued and renewed commitment to basic blocking and tackling within the IT security function. By focusing on basic hygiene, and not being distracted by the shiny, next-generation threat or solution, our panelists say organizations will be ready to successfully reduce risk, thwart attacks and, in the end, be ripe for real innovation. Hear best practices for maturing and measuring fundamental security controls, achieving greater visibility, prioritizing vulnerability management, and mastering manual processes before automating.

9:00am - 9:50am Breakout Session

Mastering Data Governance and Defining Your Defense

Joe Sturonas

Chief Technology Officer

PKWARE, Inc.

Data is a driving force of innovation in today’s enterprise environment — but that same information can become an attractive bullseye for potential attackers. A weak internal security framework can open doors for external and insider threats, making valuable data — especially data that is shared — a vulnerable target. To protect the information, CISOs must consider their data management approaches, carefully reviewing and implementing top-notch policies to mitigate enterprise risk. In this session, hear methods security leaders can use to protect and govern valuable information anywhere it’s used, shared and stored.

9:00am - 9:50am Executive Boardroom

Orchestrating Defense With the Power of Cognitive Security

Paul Farley

Director, Information Risk and Assurance

NCR Corporation

Lynda Fleury

VP & CISO

Unum

Joe Watkins

First VP & Director, IT Risk Management

Federal Home Loan Bank of Atlanta

Doug Lhotka

Executive Cybersecurity Architect

IBM

With limited resources, skills and budgets, security and risk management leaders are looking for automated tools to replace a myriad of manual processes used to stay ahead of the threat landscape curve. Enter Security Orchestration, Automation and Response (SOAR). IBM’s Doug Lhotka moderates this interactive discussion on developing integrated, cohesive security strategies via the power of cognitive capabilities. Learn about and share ideas for improving the efficacy, efficiency and consistency of your security operations, implementing an adaptive security architecture that helps teams orchestrate their defenses with an integrated, immune system approach.

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs).

To reserve your seat, please contact Brandon Bean at 503-972-4037 or brandon.bean@evanta.com.

9:00am - 9:50am Executive Boardroom

Metrics, Ecosystem Risk and the Measure of Security Success

David Levine

VP, Information Security & CISO

Ricoh USA, Inc.

Dean Mallis

CISO

Metropolitan Atlanta Rapid Transit Authority

Wayne Proctor

VP, Information Security

WestRock

Jasson Casey

CTO

SecurityScorecard

The looming specter of cyber attackers and the vulnerabilities exposed through recent high-profile breaches highlight a dire need for enterprise-wide threat management. Effective security metrics are key to this holistic security strategy, but what numbers tell the right story? Join fellow security leaders to discuss challenges and successes in crafting impactful security metrics, measures that effectively define risks while supporting clear communication with senior leaders and key stakeholders.

To reserve your seat, please contact Brandon Bean at 503-972-4037 or brandon.bean@evanta.com.

9:50am - 10:20am Networking Break

10:20am - 11:10am Breakout Session

Creating and Retaining Diverse Talent Through Re-recruitment

Emory Mulling

Author & Thought Leader

The business case for diversity is strong, not just because it’s the right thing to do, but also for a company’s bottom line. Emory Mulling believes that diversity has a new definition today, and emphasizes why businesses, cybersecurity departments specifically, that hire and promote women and people of diverse ethnic backgrounds are making their organizations stronger and more profitable in the process. To retain this diverse talent, organizations must invest in their employees’ professional development, create defined and flexible career pathing and keep their teams motivated. Join this session to explore how to re-recruit your workforce to engage and retain top cybersecurity talent.

10:20am - 11:10am Breakout Session

Delivering Trust and Confidence Through Resilience

Kurt Van Etten

VP of Product Management

RedSeal

How can we maintain confidence in the face of on-going cyberattacks? Unfortunately, an arsenal of traditional technologies has not protected organizations. And as attacks become more frequent, confidence wavers. Will CISOs ever find an adequate defense? Today’s evolving threat landscape calls for an equally evolved strategy. Organizations must find ways to remove the bullseye and promptly detect potential attacks, which means having enough situational awareness to respond quickly to contain and reverse damage. During this session, discover the steps you can take in your journey to resilience to keep damage to a minimum.

10:20am - 11:10am Executive Boardroom

Implementing Operational Metrics to Effectively Communicate Cyber Exposure

James Baird

VP, IT Security & Compliance

American Cancer Society, Inc.

Jack Huffard

President, COO & Co-Founder

Tenable

Tim Mullen

CISO

Travelport

Cyber exposure is all about coverage – ensuring that you’re measuring the right things to secure the business. Equally important, defining your operational metrics creates a strategic baseline for a business discussion between the CISO, the CIO and the business, translating raw security data into a common language for communicating your security program goals and needs. Join us as we discuss how building the right approach to operational metrics enables organizations to better understand and address their cyber exposure gap to best defend the modern attack surface.

To reserve your seat, please contact Brandon Bean at 503-972-4037 or brandon.bean@evanta.com.

10:20am - 11:10am Executive Boardroom

Take Action With Intelligence

Jevin Jensen

VP, Global Infrastructure

Mohawk Industries

Robert Mims

CISO, Southern Company Gas

Southern Company

Taslimm Quraishi

Principal & Director

Cisco Systems, Inc.

What threat intelligence do you identify and prioritize? How do you act on it? What works? What doesn’t? These questions are top-of-mind for CISOs battling emerging threats. Join this interactive session, moderated by Cisco, examining today’s cybersecurity landscape, including elusive supply chain threats. Come ready to review and discuss emerging threats, break down challenges and share threat intelligence solutions for cases where there are no clear-cut answers.

To reserve your seat, please contact Brandon Bean at 503-972-4037 or brandon.bean@evanta.com.

11:10am - 11:40am Networking Break

11:40am - 12:50pm Keynote

Cloud Security ‒ Adopt Zero Trust and Put Asset-Level Safeguards in Place

John Summers

VP & Chief Technology Officer

Akamai Technologies, Inc.

Information systems security is intended to protect assets that matter – infrastructure, data, applications, and users. But network perimeters are permeable, and assets are increasingly distributed in the cloud. Today's challenge is to implement security policies and controls that are effective, consistent, and portable to wherever the assets are. John Summers will discuss how to take security to the next level with zero trust approaches that raise visibility, protect key assets, simplify network and infrastructure management, and enable fast-paced digital business.

12:50pm - 1:20pm Networking Break

1:20pm - 2:10pm Breakout Session

Using Deception to Beat the Hackers to the Punch

Wes Knight

CISO

Georgia Department of Revenue

With the coffers of the Georgia Department of Revenue under his and his IT security team’s guise, CISO Wes Knight is deploying a new strategy to keep the bad guys out – deception technology. Knight explains how this new set of tools and products, along with additional staffing resources, are helping detect, analyze and defend against zero-day and advanced attacks. Automated and real-time, deception technology provides a more proactive security posture by deceiving, detecting and defeating attackers. Knight also shares how he is getting leadership buy-in to implement these and other cyber security measures.

1:20pm - 2:10pm Breakout Session

Cybercriminal Operations Revealed

William Malik

VP, Infrastructure Strategy

Trend Micro Inc.

Most criminal syndicates today include a cyber arm because of the vast amounts of money they can make targeting businesses around the world. William Malik dives into how these organizations are set up, how they pick their targets, their infection routines and how they maximize breach access for the highest profits. Join this session and leave with a better understanding of how cybercriminals work.

1:20pm - 2:10pm Executive Boardroom

The New Standards for Data Protection in The Trust Economy

Linda Marcone

Director Information Security

Serta Simmons Bedding

Vladimir Svidesskis

Information Security Director

Georgia Lottery Corporation

Steve Healy

Director, Solution Consulting

TITUS

Data is derived from virtually every interaction made online. As a result, consumers have turned their attention to how companies protect their information. Why? Because along the journey toward digital transformation, globalization and increased collaboration, something very fundamental was compromised – the trust between customers and the companies they do business with. The message is loud and clear: People expect a standard of reliability and transparency when it comes to how their data is handled. Join this interactive session, moderated by TITUS’ Steve Healy, to discuss how businesses can thrive amid increasing social and political pressures for data protection.

To reserve your seat, please contact Brandon Bean at 503-972-4037 or brandon.bean@evanta.com.

1:20pm - 2:10pm Executive Boardroom

Political and Computer Science – Next-Gen Threat Intel

John Dickson

VP, IT Infrastructure & Cybersecurity

Republic National Distributing Company

Jeremy Stinson

Director, Chief Information Security Officer

Pilot Flying J

Gary Sockrider

Principal Security Technologist

NETSCOUT | Arbor

Understanding and minimizing the greatest security threats no longer comes solely through traditional security infrastructure and technical intelligence. As global adversaries wage hard-to-detect campaigns, security teams must weave political risk and human intelligence into their security operations and cyber threat functions. Drawing on findings from 50 in-depth interviews, Arbor Networks helps lead this interactive session to discuss how four high-performing cyber-defense teams are using visualization and global intelligence to understand, predict and prevent the latest threats. Come ready to share your approaches to next-gen threat intel.

To reserve your seat, please contact Brandon Bean at 503-972-4037 or brandon.bean@evanta.com.

2:10pm - 2:30pm Networking Break

2:30pm - 3:20pm Breakout Session

Security Awareness – Getting the Biggest Bang for Your Buck

Stuart Smith

Principal Security Architect

Delta Air Lines

An effective security awareness program is often hard to develop and even harder to measure. Further, while security awareness is frequently viewed as a necessary evil, it is still considered a “must-have” aspect of a good security program. This session explores ideas for implementing a security awareness program, particularly in today’s climate of expense pressures and competing priorities for security spend. Walk away with practical, how-to tips you can implement immediately.

2:30pm - 3:20pm Breakout Session

A CISO’s Guide to Helping Shape Public Policy

Pete Chronis

CISO

Turner Broadcasting System, Inc.

Patrick Gaul

Executive Director

National Technology Security Coalition

How can CISOs make sure their perspectives are being heard regarding government regulations that likely will significantly impact their organizations’ information security programs? Turner Broadcasting CISO Pete Chronis discusses ways CISOs can affect how public policy is being shaped so they can successfully manage risk and allocate resources to achieve compliance. Whether you have a robust government lobbying arm or not, Chronis says CISOs face enormous challenges – yet have great opportunities – when engaging government entities to safeguard their enterprises.

2:30pm - 3:20pm Executive Boardroom

Evolution of an Integrated Cybersecurity Office: A CISO’s Perspective

Tim Callahan

SVP & Global Chief Security Officer

Aflac

Joseph DiBiase

Director, Global IS

Interface Inc.

David Nagel

Senior Director Enterprise Cyber Security

Genuine Parts Company

Greg Sutherland

CISO

McKee Foods

Toni Buhrke

World Wide Director of Channel & Inside Systems Engineering

ForeScout Technologies, Inc.

The hyper-growth of IoT across the enterprise is forcing leaders to reassess how they secure their networks. Recent Forrester research has unveiled some hidden technical and organizational challenges IT professionals should be aware of when managing their overall security framework. There appears to be a dynamic shift in the way organizations are handling security and risk. Join this interactive session, led by ForeScout, to discuss effective strategies for devising information risk and value metrics, as well as security operational metrics, that are relevant to the board and executive team. Come ready to learn and share what organizations can do to better defend IoT-enabled systems from cyberattacks and mature the SOC into an Integrated Cybersecurity Fusion Center.

To reserve your seat, please contact Brandon Bean at 503-972-4037 or brandon.bean@evanta.com.

3:20pm - 3:40pm Networking Break

3:40pm - 4:20pm Keynote

Treat Cyber Security Like the Top Risk It Is

Russell Eubanks

VP, CISO

Federal Reserve Bank of Atlanta

As a security leader, what can you do to instill the cyber security message firmly within your organizational culture? Learn how your mission can be elevated all the way up to the boardroom and therefore resonate throughout your organization. Discover how to effectively communicate the status of your information security program and leave this session with practical steps that will help you garner wisdom as cheaply as you can by actively seeking and applying lessons learned from unexpected sources.

4:20pm - 5:00pm Closing Reception & Prize Drawing