ISE® Southeast Schedule of Events 2014

ISE® Southeast Private Welcome Dinner

March 10, 2014
5:30pm -8:30pm
The Palm Restaurant at the Westin Buckhead Hotel
3391 Peachtree Road, NE
Atlanta, Georgia 30326

This special dinner will provide a forum for candid dialogue on the industry’s most critical issues. During our dinner conversation, learn how your peers are addressing advanced threats from internal, external and global sources, and share your own insights on protecting your enterprise in the evolving threat landscape.

March 11, 2014

10am - 8pm: Registration

Location: Prefunction CDE, 4th floor

11:30 AM : ISE Southeast Nominee Welcome Luncheon & Presentation   *Invitation Only

Location: Ballroom C, 4th floor

Sponsored by

net I Q

David Corlette

David Corlette
Product Manager
NetIQ
Biography

When Tinfoil Hats Aren't Enough: Effective Defenses Against Advanced Persistent Threats (APTs) > Download Presentation
You probably know about the threat posed by APTs. You also may know that most experts will tell you that there are no cost-effective ways to completely prevent a determined attacker from getting into your systems. So what to do? Since returning to an agrarian society is likely not a viable option, this presentation will cover common APT techniques and ways to detect those techniques in action and rapidly react. We'll talk about how to leverage the Identity-powered enterprise to improve the accuracy and effectiveness of prevention, detection, and response.

1:00 PM : Welcoming Remarks and Introductions

Location: Ballroom D & E, 4th floor
Marci McCarthy

Marci McCarthy
CEO and President
T.E.N.
Biography

1:10 PM : Keynote Address

Location: Ballroom D & E, 4th floor
Kevin McKenzie

Kevin McKenzie
Chief Information Security Officer
Clemson University
ISE® Southeast Executive Award Winner 2013
ISE® North America Academic Executive Award Winner 2013

Leadership, Collaboration and Sustainability  > Download Presentation
Security leaders are often concerned about being the next big target or becoming susceptible to new threats, but building a stronger, more effective security program goes beyond technological innovation. Leadership style and perception, as well as meaningful collaboration with industry partners can help build long-term sustainability for your security program. Many argue these qualities are essential to maintaining an understanding of our growing environment and preparing the next generation of security professionals for what is to come. This presentation will examine leadership perception and discuss the higher education segment as a worthwhile collaborative partnership for long term sustainability.

1:40 PM : Interactive Executive Roundtables

Location: Ballroom D & E, 4th floor

The Interactive Executive Roundtables brings together ISE® Nominees, industry leaders, invited guests, and sponsor delegates to meet each other and join in interactive discussions on key industry issues as well as share best practices.  The interactive roundtable discussions are hosted by our ISE® Judges and Nominees.

beyond trust

Best Practices for Mitigating Threats via Privilege and Access Management

Scott Barronton

Scott Barronton
VP Security Compliance
Equifax

In the wake of Edward Snowden’s admission that he leaked government secrets, all eyes are on the systems administrator and their privileged accounts and credentials. While the risk of insider threat should never be dismissed, the problem is that employees with privileged access have become prime targets for cybercriminals. Even low-level vulnerabilities may lead to the compromise of privileged credentials, which can provide access to proprietary data or even create another account — essentially opening a back door. Traditional technologies, such as antivirus, firewalls, and IDS/IPS, cannot contend with the innovative attacks plaguing networks today. The publicity resulting from the Snowden fallout points to a need to protect the systems administrators, their credentials, and the privileged accounts they manage. Context-aware security intelligence combined with privilege and access management empower security teams to make better-informed decisions as they mitigate the risk of escalating security threats - from desktop to the cloud.

agari

Secrets to Achieving End-to-End Email Security

Brian Phillips Brian Phillips
Security Director
Macy's

Securing your infrastructure is essential in protecting your customers, but malicious attacks can affect users without even entering your network. The Anti-Phishing Working Group reported 72,758 phishing attacks targeting more than 700 institutions worldwide during the first half of 2013 alone. As Verizon's Data Breach Report shows, 95% of all data breaches begin with a phishing email — evidence that comprehensive ecosystem visibility, email intelligence, and real-time alerting and reporting are imperative to thwarting these attacks. Join our conversation to take a deep dive into advanced email security methodology and learn best practices to achieving end-to-end email security in order to protect your customers and enable business.

imperva

Defending Against Advanced Threats in an Ever-evolving Threat Landscape

Paul Huesken

Paul Huesken
Chief Information Assurance Officer
The Coca-Cola Company
ISE® Southeast & North America Judge

It’s the move of a smart hacker; use one vulnerable point of entry on an interconnected system, then go after your real target. Now it seems one unfortunate HVAC maintenance man was used as the hacker’s pawn in the Target data breach scam. Fazio Mechanical Services, a provider of refrigeration and HVAC systems, was given access to a Target database so the company could remotely login for electronic billing, contract submission and project management. After stealing one Fazio worker’s credentials, the hackers used this digital pathway to insert the destructive malware.

Is BYOS the real problem in mobility?

Kyle Duke

Kyle Duke
Information Security Officer
HealthSpring
ISE® Southeast People's Choice Award Winner 2010

Many organizations are concerned about BYOD triggering security, privacy and intellectual property problems. But perhaps the bigger issue is Bring-Your-Own-Software (BYOS). For organizations, BYOS offers an attractive alternative for employees to streamline work activities, collaborate with colleagues, and be more productive. With free trials, inexpensive subscriptions, and easy-to-cancel policies, the barrier to adoption is low. However, organizations struggle to balance these benefits with the downside as this ad-hoc adoption of cloud services could pose greater risk than an external threat. Could BYOS be the biggest challenge in mobility?

2:40 PM : Break

2:50 PM : Nominee Showcase Presentation #1

Location: Ballroom D & E, 4th floor
Dave McDermitt

Dave McDermitt
Assistant VP, Information Security Officer
Federal Reserve Bank of Atlanta
Atlanta, GA
ISE® Southeast Executive Award Winner 2014

Enable Secure Collaboration - Anytime, Anywhere  > Download Presentation
Recognizing that mobility is essential to business success and productivity, the Federal Reserve Bank of Atlanta did not let security challenges limit their ability to facilitate collaboration. The project team developed a solution that enabled its board to access and share sensitive information electronically — with protection down to the document layer — regardless of device platform, location and context and without inhibiting usability. Learn more about this innovative project and how it could be applied at the enterprise level.

3:10 PM : Adobe Executive Address

Location: Ballroom D & E, 4th floor
adobe
David Lenoe

David Lenoe
Group Manager, Secure Software Engineering
Adobe

Investment in People is the Key to a Security Organization Built for Change
According to Forrester Research, 51 % of organizations say it’s a challenge or major challenge to hire and keep security staff with the right skills. This becomes especially challenging in a constantly changing organization managing acquisitions, changing business objectives, and rapid growth. While investing in security technology is important to stay ahead of threats, failure to invest properly in your people can introduce systemic and cultural risk that can be more challenging to manage than technical threats. This presentation will discuss the keys to not only getting the best people, but keeping them. Mr. Lenoe will share Adobe’s experiences in managing this very challenging problem along with what we have learned as we have built up our security organization to adapt to our cloud-focused future.

3:25 PM: CISO Deep Dive: Executive Leadership

Location: Ballroom D & E, 4th floor

An industry cross section of ISE Alumni and leading security executives explore today’s hottest security trends and issues and the key challenges they are facing now and in the future.

Moderator

Joe Bennett

Joe Bennett
CISO
YP
Tucker, GA

Panelists

Rob Ferrill

Rob Ferrill
Chief Security Officer
HealthSouth

David Fourqurean
SVP, Operational Risk Manager
Wells Fargo

McCree Lake

McCree Lake
Director, Business Solutions & Integration
Information Technology Services
Kennesaw State University

Mark Reardon

Mark Reardon
Chief Information Security Officer
State of Georgia
ISE® Southeast Executive Award Finalist 2009

Glen Taylor

Glen Taylor
Chief Information Security Officer
The Walt Disney Company
ISE® North America Commercial Executive Award Winner 2013
ISE® Southeast People's Choice Award Winner 2011
ISE® Southeast Executive Award Finalist 2011

4:10 PM : Nominee Showcase Presentation #2

Location: Ballroom D & E, 4th floor
name

Michelle Stewart
Senior Director of IT Security and Governance
The American Cancer Society
Biography

Shaun Hunt

Shaun Hunt
Vice President of IT Governance
The American Cancer Society
Biography

Achieving PCI Compliance with an Aggressive Timeline  > Download Presentation
After merging 12 chartered division organizations with its national home office in 2012, the American Cancer Society set out to quickly address major business challenges surrounding PCI Compliance. Learn how this leading non-profit was able to consolidate assets and processes, centralize and improve threat management, resolve gaps, reduce cost and successfully pass an onsite PCI audit with an aggressive timeline, allowing the organization to focus on its important mission of saving lives.

4:30 PM : Nominee Showcase Presentation #3

Location: Ballroom D & E, 4th floor
Tony Spurlin

Tony Spurlin
Manager, Information Risk Management
The Home Depot
Atlanta, GA
ISE® North America People's Choice Award Winner 2005

Implementing a Successful Scraping Defense
AutoTrader Group’s more than 12 million consumers and automotive dealers rely on the availability and credibility of the company’s substantial digital properties and assets, which were vulnerable to nefarious scraping attacks. Learn how the ATG project team developed and deployed a successful scraping defense technology to protect the company’s market position, reduce infrastructure load, protect customers and consumers from fraud, provide protection from system and application outages and increase the capacity of internal teams to work on higher value revenue generating initiatives.

4:50 PM: Late Afternoon Break

5:00 PM : VIP Reception (invitation only)

Location: Ballroom C, 4th floor

ISE® Nominees, sponsors and special guests will have the opportunity to network in a private setting with beverages and appetizers.

6:00 PM : Sponsor Pavilion and Dinner Buffet

Location: Prefunction Grand Ballroom, 4th floor

Guests enjoy gourmet dinner while networking and meeting the sponsors.  Honoring and celebrating the Award Nominees for 2014, this exciting occasion will bring together top security executives to recognize the individuals who have made significant and positive impact on their organizations through exemplary performance.

7:30 PM : ISE® Southeast Awards Gala

Location: Grand Ballroom AB, 4th floor

Honoring and celebrating the ISE® Southeast Award Nominees, this exciting occasion will bring together top security executives to recognize the individuals and the project teams who have made significant and positive impact on their organizations through exemplary performance.

9:00 PM : Champagne & Dessert Reception

Location: Prefunction Grand Ballroom, 4th floor

Enjoy champagne and dessert while celebrating the winners, nominees and project teams. Don't miss the Passport for Prizes drawing and a chance to win outstanding gifts from our ISE® sponsors.