ISE® Southeast Schedule of Events 2020

ISE® SOUTHEAST PRIVATE WELCOME DINNER
Hey Hey, You You, Get Off of My Cloud: Deploying Zero Trust Networking in the Modern Data Center

March 10, 2020
5:30pm - 8:30pm
STK Steakhouse
1075 Peachtree St NE
Atlanta, GA 30309
Registration

As many firms transition their data centers into the cloud and other heavily virtualized environments, the old practice of implementing choke points to force data flows through a select set of avenues simply doesn’t work anymore. According to Gartner, by “2025, 80% of enterprises will have shut down their traditional data center, versus 10% today.” How will security respond when evolving data centers represent a gigantic blind spot where basic visibility, compliance and enforcement become impossible? Join our conversation as we discuss key cybersecurity challenges when moving from perimeter security to distributed security along with best practices for implementing Zero Trust data center security for cloud-based architectures.

Wednesday, March 11, 2020

11 AM - 3 PM: Registration

Location: Chastain Terrace, Sixth Floor

3 PM - 8 PM: Registration

Location: Chastain Terrace, Sixth Floor

11:15 AM: ISE® Signature Luncheon (Invitation Only)

Location: Chastain I/J, Sixth Floor

Sponsored by:

How Cross-Industry Organizations Can Collaborate on Cyber Defense

Kevin Morrison

Kevin Morrison
Vice President, IT & CISO
Rollins, Inc.
Biography

Collective defense is not a new idea, but carrying it out on a cyber level has taken some time to gain traction despite advocacy efforts. Much of the cybersecurity information-sharing that occurs today—especially in the private sector—is insufficient. Enterprises either wait to share threat intelligence after a breach has happened or naturally must limit or delay reporting due to outsized proprietary and legal liability concerns. It’s also difficult to scale and share insights at the speed of business since collective cyber defense is a manual process, making it a costly effort—though the price of doing nothing can also be high. Larger organizations have the opportunity to employ automation so that reporting can occur in real time, whereas a smaller organization might have experienced a previously unknown threat it has not had the opportunity about which to share experiences. Mitigating each other’s weaknesses and providing different insights are part of the benefits for adopting collective cyber defense. As cyber attackers are unifying their methodologies and resources, every organization—no matter the size or industry—is stronger partnering with others than it is alone. Join our conversation as we explore the right ways to collaborate on cyber defense, the challenges faced by the public and private sectors and how we can share information across the cyber kill chain quickly without risking IP or sensitive data.

12:50 PM: Welcoming Remarks and Introductions

Location: Chastain Room, Level 6
Marci McCarthy

Marci McCarthy
CEO and President of T.E.N.
CEO and Chairman of ISE® Talent
Biography

T.E.N.'s CEO & President will welcome guests, provide an overview of the program agenda and event purpose, and introduce the speakers and sponsors of the ISE® Southeast Executive Forum and Awards 2020.

1:00 PM: Keynote Address

Location: Chastain Room, Level 6
Jamil Farshchi

Jamil Farshchi
Chief Information Security Officer
Equifax
ISE® West Executive Award Finalist 2011
Biography

1:35 PM: Interactive Executive Roundtables

Location: Chastain Room, Level 6

The Interactive Executive Roundtables brings together ISE® Nominees, industry leaders, invited guests, and sponsor delegates to meet each other and join in interactive discussions on key industry issues as well as share best practices. The interactive roundtable discussions are hosted by our leading ISE® Alumni.

Cyber Defense: A Reality Check for Cybersecurity Decision Makers

Kevin Treanor
Staff Vice President, Security Technology Management
Anthem
Biography

Traditional security methods are falling short as the sophistication, frequency and speed of cyberattacks increase. Our sense of threat looms larger once we also consider the tenacity, time and resources that state-actors possess to wage strategic war over any business that might have valuable information to steal or manipulate. In a 2019 Vanson Bourne survey, 85% of respondents rated their organization’s cybersecurity technology, tools and systems as advanced—and yet their enterprises suffered one cybersecurity incident every three months on average, with 80% requiring meetings with the C-suite and board due to severity. This indicates a disconnect between confidence levels and actual vulnerability and system maturity. Fortunately, these board meetings also provide an opportunity for security executives to proactively secure the buy-in of upper management to redesign systems, offer better employee cyber training and other improvements to enterprise security. This same buy-in will be crucial for adopting collective cyber defense strategies, especially since many security professionals advocate for greater threat sharing with industry peers and between the public and private sector. Join our discussion to learn effective methods of communicating security needs to the C-suite and board as well as share our concerns and expectations for collective cyber defense in a world of advanced and growing threats.

Cyber Attackers Have an Inherent Advantage: How Do We Change That?

Don Marsee
Manager, Information Security, Risk & Compliance
Tractor Supply Company
Biography

In today’s asymmetrical warfare between cybercriminals and organizations, the cards are stacked against the good guys. While attackers only have to find one weak spot, security teams have to monitor and protect everything at all times, which in many instances dictates only one, virtually predestined outcome of the battle. With every marquee name that is breached, it is clear that crippling cyberattacks have become the new normal. Although this “era of insecurity” began more than 10 years ago, it has become more and more extreme in recent years, and there are three main factors that exacerbate the current situation. The first is that cybercrime is lucrative, and offensive scanning and exploitation tools have become cheaper, more automated and widely available to attackers. Second, in the hyperconnected IT ecosystem of today’s organizations, it is exponentially more difficult to continuously monitor and debug everything in a timely fashion. Finally, we are losing sight of security risks. Without a complete view of an organization’s entire attacker-exposed IT ecosystem—including risk from cloud, third-party and subsidiary environments—and an understanding of the business context of its assets, an organization cannot appropriately assess, prioritize and eliminate its most critical risks.

Establishing the Role of Governance in Identity Access Management

Stacy Hughes

Stacy Hughes
SVP, IT Governance, Risk and Compliance
Global Payments
Biography

For businesses to succeed in protecting customer data and securing their privacy, security teams can begin treating every identity as a new security perimeter. Nowadays, threat actors do not “hack” in; they log in. Security measures that are busy covering firewalls, endpoints and networks tend to neglect protecting against identity and credential-based threats, allowing them to bypass security checkpoints perfectly camouflaged. Access governance can serve as one solution, as the methodology provides the guidelines which determine who has access to what information within an enterprise as well as the monitoring tools to evaluate access and user rights and their anomalies. Identity governance also helps ensure organizations comply with all current regulation requirements they are expected to follow. However, identity governance can come with its own challenges, such as locating and disabling orphaned accounts or failing to review and update identity governance policies, so they remain effective and are understandable. Some enterprises also choose to follow the Zero Trust model and tools to reinforce it, such as multi-factor authentication, which other enterprises might find too time-consuming. Nevertheless, if you are willing to take the steps, enforcing identity governance and identity access management (IAM) can wind up making all the difference in thwarting a data breach. Join our discussion as we explore the need for identity governance implementations; its challenges and rewards; how IAM is evolving; and the new risks we need to detect, mitigate and avoid.

2:35 PM: Afternoon Break

2:45 PM: ISE® Southeast Nominee Showcase Presentation #1

Location: Chastain Room, Level 6

3:05 PM: ISE® Southeast Exabyte Sponsor Showcase Presentation

Location: Chastain Room, Level 6

3:25 PM: Information Security Executive® Deep Dive Panel

Location: Chastain Room, Level 6

An industry cross section of ISE Alumni and leading security executives explore today’s hottest security trends and issues and the key challenges they are facing now and in the future.

Moderator

Eppinger_Gary Gary Eppinger
Global VP, CISO and Privacy Officer
Carnival Corporation
Biography

Panelists

Jason Belford

Jason Belford
CISO
University of Virginia
Biography

Mallis_Dean

Dean Mallis
Chief Information Security Officer
MARTA

Manikin_Stoddard

Stoddard Manikin
CISO & Director, Information Security
Children's Healthcare of Atlanta
Biography

Marian Reed

Marian Reed
Sr. Director of IT Security
Serta


4:10 PM: ISE® Southeast Nominee Showcase Presentation #2

Location: Chastain Room, Level 6

4:30 PM: ISE® Southeast Nominee Showcase Presentation #3

Location: Chastain Room, Level 6

4:50 PM: Late Afternoon Break

5:00 PM: ISE® VIP Reception (Invitation Only)

Location: The Overlook, Level 6

ISE® Nominees, sponsors and special guests will have the opportunity to network in a private setting with beverages and appetizers.

6:00 PM: Sponsor Pavilion and Dinner Buffet

Location: Chastain G,H,I. Level 6

Guests enjoy gourmet dinner while networking and meeting the sponsors. Honoring and celebrating the Award Nominees for 2020, this exciting occasion will bring together top security executives to recognize the individuals who have made significant and positive impact on their organizations through exemplary performance.

7:30 PM: Sponsor Tear Down

Location: Chastain G,H,I. Level 6

7:45 PM: ISE® Southeast Awards Gala

Location: Savannah Ballroom, level 10

Honoring and celebrating the ISE® Southeast Award Nominees, this exciting occasion will bring together top security executives to recognize the individuals and the project teams who have made significant and positive impact on their organizations through exemplary performance. Don't miss the Passport for Prizes drawing and a chance to win outstanding gifts from our ISE® sponsors.

Lynda Fleury

Lynda Fleury
Vice President and CISO
Unum
ISE® Southeast Executive Award Winner 2008
ISE® North America Executive Award Finalist 2005

Biography

Bob Varnadoe

Bob Varnadoe
Chief Information Security Officer
NCR
ISE® Southeast Executive Award Finalist 2018
Biography

9:00 PM: Champagne & Dessert Reception

Location: Savannah Ballroom, level 10

Enjoy champagne and dessert while celebrating the winners, nominees and project teams.