The ISE® Southeast Executive Forum and Awards 2017 was held on March 14, 2017 at the Westin Peachtree Plaza Downtown in Atlanta, GA. The ISE® Southeast Award recognizes the information security executives and their teams who have demonstrated outstanding leadership in risk management, data asset protection, regulatory compliance, privacy, and network security.
The ISE® Southeast Awards are held in conjunction with a one day Executive Forum which includes keynote speakers, interactive roundtables moderated by the CISOs and VPs of participating companies, and hot topic panel discussions. The one day program offers the opportunity to meet with peers and leading IT executives from across the region to discuss and share insights into today's issues and solutions.
ISE® Southeast Executive of the Year Award Winner 2017
Joey Johnson
CISO
Premise Health
ISE® Southeast Executive of the Year Award Winner 2017
ISE® North America Executive: Health Care Award Finalist 2017
Biography
ISE® Southeast Executive of the Year Award Runner Up 2017
Craig Froelich
Chief Information Security Officer
Bank of America
ISE® North America Executive: Financial Award Winner 2016
ISE® Southeast Executive of the Year Award Runner Up 2017
ISE® North America Executive: Financial Award Finalist 2017
Biography
ISE® Southeast Project Award Winners 2017
Aflac Deception Project
Executive Sponsor: DJ Goldsworthy, Sr. Manager Threat & Vulnerability, Aflac
Project Team: James Harris- Sr. Threat Management Consultant
Location: Columbus, GA
Despite a very mature security posture and high-end cybersecurity technology in their network, Aflac wanted to implement a deception based solution that would help them address a gap in their ability to early and accurately detect advanced threats that were inside their network. They adopted deception, and by deploying it comprehensively across their environment, have been able to flip the playing field and create an environment saturated with pitfalls that a threat actor now has to evade with 100 percent accuracy to evade detection.
Bank of America’s Identity and Access Management (IAM) Transformation Program
Executive Sponsor: Steve Schwartz, Identity & Access Management Executive, Bank of America
Project Team: Nathan Dany, Robert Burden, Brian Kaplow, Kate Taylor, Brian K Metzner with the Identity and Access Management Strategic Transformation Delivery team
Location: Atlanta, GA
In late 2015, Bank of America’s Global Information Security team began the implementation of a new program to transform identity and access management (IAM) and reduce overall risk across the enterprise. The new program streamlined 27 review systems into one and 20 request systems into one – resulting in an efficient, user-friendly access management program that makes it easier for users to make accurate and effective access request and review decisions.
ISE® Southeast People's Choice Award Winner 2017
Dave Summitt
Chief Information Security Officer
H. Lee Moffitt Cancer Center & Research Institute
ISE® Southeast People's Choice Award Winner 2017
Biography
ISE® Southeast Executive Award Finalists 2017
Craig Froelich
Chief Information Security Officer
Bank of America
ISE® North America Executive: Financial Award Winner 2016
ISE® Southeast Executive of the Year Award Runner Up 2017
ISE® North America Executive: Financial Award Finalist 2017
Biography
Joey Johnson
CISO
Premise Health
ISE® Southeast Executive of the Year Award Winner 2017
ISE® North America Executive: Health Care Award Finalist 2017
Biography
Michael Mangold
Vice President – Information Security
Tractor Supply Company
ISE® North America Executive: Commercial Award Winner 2017
Biography
Dave Summitt
Chief Information Security Officer
H. Lee Moffitt Cancer Center & Research Institute
ISE® Southeast People's Choice Award Winner 2017
Biography
ISE® Southeast Project Award Finalists 2017
Aflac Deception Project
Executive Sponsor: DJ Goldsworthy, Sr. Manager Threat & Vulnerability, Aflac
Project Team: James Harris- Sr. Threat Management Consultant
Location: Columbus, GA
Despite a very mature security posture and high-end cybersecurity technology in their network, Aflac wanted to implement a deception based solution that would help them address a gap in their ability to early and accurately detect advanced threats that were inside their network. They adopted deception, and by deploying it comprehensively across their environment, have been able to flip the playing field and create an environment saturated with pitfalls that a threat actor now has to evade with 100 percent accuracy to evade detection.
Threat Intelligence System (TIS)
Executive Sponsor: Tim Callahan, SVP, Chief Information Security Officer, Global Security, Aflac
Project Team: DJ Goldsworthy – Director, Threat Intelligence, John D’Agostino – Threat Management Consultant, James Harris – Sr. Threat Management Consultant, Gareth Williams – Sr. Threat Management Consultant, Joshua Staples – Threat Management Engineer, Stephen McCamy – Sr. Threat Management Consultant, Ben Harbin – Sr. Threat Management Consultant
Location: Columbus, GA
In response to the increase in volume and velocity of new threats, Aflac embarked upon a mission to create a custom-built TIS that would be capable of consuming large amounts of threat data and, in turn, use that data to protect the environment and inform security decisions. Aflac built a system that not only tackles the daily operational feed of threat data, but provides key process automation and allows for system integration into the current security infrastructure for maximum use of the data.
Bank of America’s Identity and Access Management (IAM) Transformation Program
Executive Sponsor: Steve Schwartz, Identity & Access Management Executive, Bank of America
Project Team: Nathan Dany, Robert Burden, Brian Kaplow, Kate Taylor, Brian K Metzner with the Identity and Access Management Strategic Transformation Delivery team
Location: Atlanta, GA
In late 2015, Bank of America’s Global Information Security team began the implementation of a new program to transform identity and access management (IAM) and reduce overall risk across the enterprise. The new program streamlined 27 review systems into one and 20 request systems into one – resulting in an efficient, user-friendly access management program that makes it easier for users to make accurate and effective access request and review decisions.
Home Depot Deception Project
Executive Sponsor: Sarath Geethakumar, Sr. Director IT Security, The Home Depot
Location: Atlanta, GA
The Home Depot’s growth strategy involves an active acquisition strategy. A key priority in their integration strategy is to establish visibility into the acquired entities networks to understand vulnerabilities that may exist. This retail organization was actively investigating and assessing the security controls of their broader affiliate organization, and focused on elevating and standardizing security controls and governance across these subsidiaries. The Home Depot Info Sec team proactively partnered with all acquisitions to elevate their security capabilities to industry cutting edge solutions by deploying advanced deception and early detection systems. This approach would help them collectively gain needed visibility to quickly detect cyber attackers. Specifically, as a part of deploying deception, they established the capabilities to detect hidden or time triggered malware that could move laterally across the affiliate networks, identify tactics being taken to compromise endpoints relying on stolen credentials to escalate privileges and compromise the environment. This proactive approach helped them develop a light weight but highly effective and scalable security strategy across distributed subsidiaries that helps protect the integrity of the environment to maintain high customer confidence, customer loyalty, and revenue generation intended from these acquisitions.