ISE® Northeast Private Welcome Dinner
5:30pm - 8:30pm
Lattanzi
361 W 46th St.
New York, NY
To register, please contact Deb Jones.
Jay Wright
Information Security Officer
Citigroup Inc.
Biography
Closing the Security Intelligence Gap – Integrating Identity, Access and Security Management
Your data is valuable and there’s a good chance that someone is actively working to get it. For today’s hackers, successful infiltration to sensitive systems and information is often achieved by gaining the credentials of privileged users with elevated access rights. Traditional security solutions are no longer enough to spot this attack method. Closing the gap requires a new approach---integrating security monitoring with identity and access management. Applying identity-based context and user access behavior into your security monitoring efforts are imperative to discovering the true, actionable security intelligence required for your team to disrupt an attack before it can cause damage and expedite incident response. Join our conversation for a deep dive into identity, access and security management and learn more about the tools and strategies your team needs to recognize potential attacks faster and keep your most sensitive information assets safe.
October 8, 2015
10:00am: Registration
Location: Pre-function area of Ambassador Ballroom, 2nd floor
11:30 AM : ISE® Signature Luncheon *Invitation Only
Location: Ambassador 2, 2nd floor
Sponsored by
Frank Roppelt
Managing Director, Global Head of Vendor Risk Management
BNY Mellon
Biography
The Evolving Challenge of Third Party Security Risk Management Industry experts estimate that third-party security breaches are growing at an astounding rate, leading many to believe that a firm’s level of cybersecurity is only as good as the security of its vendors. To be successful, CISOs must work with, not against, partners to effectively remediate immediate threats and lower collective security risk. Join our conversation to discuss how to better protect your organization from third party threats by adding continuous monitoring to your arsenal and adopting practices for collaborative intervention and remediation.
1:00 PM : Welcoming Remarks and Introductions
Location: Ambassador 3, 2nd Floor
Marci McCarthy
CEO and President
T.E.N.
Biography
1:10 PM : Keynote Address
Location: Ambassador 3, 2nd Floor
John Schramm
CISO
Manulife
Biography
Information Risk in the Boardroom: How to get comfortable outside your comfort zone
As the profile of information risks such as cyber security, access management and business resiliency increase at companies so does the organizational profile of the CISO role in corporate governance. This constant and rapid evolution of the role has stretched the capabilities of many CISO’s as the role continues to grow and expand into the boardroom. I’ll share my views on where we have come from, the challenges we currently face in being effective with our boards and where we may be going in the future.
1:45 PM : Interactive Executive Roundtables
Location: Ambassador 3, 2nd Floor
The Interactive Executive Roundtables brings together ISE® Nominees, industry leaders, invited guests, and sponsor delegates to meet each other and join in interactive discussions on key industry issues as well as share best practices. The interactive roundtable discussions are hosted by our ISE® Judges and Nominees.
Joseph Zingalis
International Information Security – Canada & LatAm
Wells Fargo & Company
Biography
Securing Your Data across Channels: Strategies for Outpacing Zero Day Threats and Sophisticated Hackers
Mobile, social and cloud technologies enable an organization’s efficiency and productivity, and can often provide competitive and brand differentiation. However, the widespread adoption of these services often results in an environment where free-flowing data quickly outpaces an organization’s ability to proactively defend against imminent and emerging security threats. All companies with valuable IP should assume both zero day threats and sophisticated hackers are targeting them. Mobile, social and cloud technologies drive productivity. But they also open the door to data theft and advanced attacks that can slip right by anti-virus, URL filtering and firewall defenses. A continued focus on siloed controls is insufficient for today’s threats as attacks are highly advanced, well-funded and persistently targeting enterprise environments.
Larry Wilson
Chief Information Security Officer
University of Massachusetts
Biography
Security vs Risk vs Privacy: Who Leads the Charge?
As the field of security has evolved, so has the role of the Chief Information Security Officer, but debates are heated regarding exactly what responsibilities this title-bearer should assume. Although the classic model calls for a CISO with a strong technical background to manage enterprise level security efforts, many global organizations have shifted from a focus on information security programs to a holistic risk management approach, which calls for a more business savvy CISO. Others have found combining their privacy and security teams under single leadership can help to manage risk. Others still see security, risk and privacy as vital roles that merit their own c-suite members. What’s the best model? Join our conversation to debate the merits for the CISO as a risk and privacy officer and share your insight about the evolution of the CISO role.
Mike Towers
Executive Information Security Officer
Actavis, Inc.
Defending Against Advanced Threats in an Ever-evolving Threat Landscape
The cyberspace environment is extremely dynamic and unfortunately, new vulnerabilities and threats emerge on a daily basis. Security leaders must develop and employ various offensive and defensive strategies to defend the enterprise and minimize risks at an acceptable cost. Join our discussion to learn how your peers are addressing advanced threats from internal, external and global sources, and share your own insights on protecting your enterprise in the evolving threat landscape.
Todd Bearman
Chief Information Security Officer
Tower Watson
Biography
The Growing Complexity of IT Security: How Do We Manage?
IT Security is undoubtedly a cat and mouse game. As technology threats grow in complexity, security leaders work tirelessly to develop new methods for identifying and thwarting attacks. But the fact remains— there is no such thing as absolute security. In the future, IT-dependent societies must be capable of withstanding an attack, or surviving an attack and recovering, without the descent into chaos. Join us to take a deep dive into the concept of developing and maintaining resilience as a central focus for your contemporary security strategy.
2:45 PM : Break
3:00pm : Registration
Location: Pre-Function area of New York Atrium, 9th floor
2:55 PM : Nominee Showcase Presentation #1
Location: Ambassador 3, 2nd Floor
Charles Hudson
Executive Director, Security Strategy and Architecture
Comcast Corporation
ISE® Northeast People's Choice Award Winner 2014
ISE® Northeast Executive Award Finalist 2014
ISE® North America Executive Award Finalist 2014 - Commercial Category
Biography
Through the Vendor Risk Looking Glass
Untethered vendor access is an increased security and business risk for many companies due to lack of visibility and control over vendors with access to critical infrastructure. To help remedy this significant security issue, the team at Comcast developed a program that would allow them to integrate vendor external profiles and internal vendor resource activities to provide a 360° single pane of glass view for its IIS, GRC Leadership and SOC teams. The Comcast 360 Vendor Risk Assurance Program The program provides a holistic defense against the targeted attacks leveraging the vendor as a threat vector. Learn how the Comcast team was able to maximize organizational efficiencies and improve the timely responsiveness of its security teams and vendor groups to drive successful vendor risk management.
3:15 PM: CISO Deep Dive: Executive Leadership
Location: Ambassador 3, 2nd Floor
An industry cross section of ISE Alumni and leading security executives explore today’s hottest security trends and issues and the key challenges they are facing now and in the future.
Moderator
Pete Lindstrom
Research Director Security Products
IDC
Biography
Panelists
Linda Cooper Angles
CISO
FXall, A Thomson Reuters Company (a platform for trading on foreign exchanges)
Biography
David Cass
CISO
Fortune 50 Company
Biography
John Masserini
Chief Security Officer
MIAX Options
Biography
Jay Wright
Information Security Officer
Citigroup Inc.
Biography
4:00 PM : Nominee Showcase Presentation #2
Location: Ambassador 3, 2nd Floor
Dan Solero
AVP, Cybersecurity
AT&T
Biography
Redefining Cloud-based Security
It’s no secret that traditional perimeter-based security models cannot adequately protect your enterprise in today’s threat landscape. With this in mind, the team at AT&T set out to develop a solution that could deliver an API-based architecture, which could decouple hardware and software components of network security devices to provide security software as a service, built within a distributed cloud environment, and integrated within the cloud provisioning process. Their Astra ecosystem is comprised of software-enabling virtual security services delivered via APIs, creating micro-perimeters of protection around applications based on automated intelligent provisioning. The technology also consumes threat intelligence and security event analysis via API, which enables the team to identify and mitigate events that previously had no solution. Learn how the AT&T team was able to redefine security in the cloud with their pioneer approach to application protection.
4:20 PM : Nominee Showcase Presentation #3
Location: Ambassador 3, 2nd Floor
Dissolving Divestiture Discord
Divestitures create an inherent conflict of interest between the buyer and the seller. Understandably, the buyer wants immediate control of their newly acquired assets while the seller wants to ensure that the buyer does not get access to their own core non-divested data or intellectual property. Additionally, the seller wants to complete the transition securely and reduce all potential avenues of data loss. In order to ease this transition for both parties, Citi developed their Advanced Third Party Management system to provide a consistent and systematic methodology to separate these divested IT assets and workers using a repeatable framework that reduces the information security risk to Citi. Learn how the Citi team, has made significant advances in securing this special niche area within the InfoSec world and successfully implement the solution across multiple countries in multiple geographic regions.
4:45 PM: Late Afternoon Break
5:00 PM : VIP Reception (invitation only)
Location: Pearl, 9th Floor
ISE® Nominees, sponsors and special guests will have the opportunity to network in a private setting with beverages and appetizers.
6:00 PM : Sponsor Pavilion and Dinner Buffet
Location: New York Atrium, 9th floor
Guests enjoy gourmet dinner while networking and meeting the sponsors. Honoring and celebrating the award nominees for 2015, this exciting occasion will bring together top security executives to recognize the individuals who have made significant and positive impact on their organizations through exemplary performance.
7:30 PM : ISE® Northeast Awards Gala
Location: Majestic Ballroom, 5th floor
Honoring and celebrating the ISE® Northeast Award Nominees, this exciting occasion will bring together top security executives to recognize the individuals and the project teams who have made significant and positive impact on their organizations through exemplary performance.
9:00 PM : Champagne and Dessert Reception
Location: Majestic Foyer, 5th floor
Enjoy champagne and dessert while celebrating the winners, nominees and project teams. Don't miss the Passport for Prizes drawing and a chance to win outstanding gifts from our ISE® sponsors.