March 13, 2017
ISE® SOUTHEAST PRIVATE WELCOME DINNER
Winning the Cybersecurity Talent War: Strategies for Staffing Your SOC With Top-Notch Talent
5:30pm - 8:30pm
Morton’s The Steakhouse
303 Peachtree Center Ave NE
Atlanta, GA 30308
Registration
Mark Reardon
AVP of Information Security & Chief Information Security Officer
WellStar Health System
Biography
How do you become the best employer in security operations? Attracting and retaining top security talent is one of the biggest differences between organizations with good security and those with great security. Join us for an engaging discussion on the successful strategies organizations are using to make their SOC the employer of choice. What motivates employees? How do the recruit and train? What tools and processes do they have in place? How do they measure success? We’ll cover all of this and more.
March 14, 2017
11am - 3pm: Registration
Location: Foyer of Chastain 1&2, Sixth Floor
3pm - 8pm: Registration
Location: 200 Peachtree Foyer
11:30 AM : ISE® Signature Luncheon *Invitation Only
Location: Chastain F, Sixth Floor
Bob Varnadoe
Chief Information Security Officer
NCR Corp.
Biography
Perfect Depth Deception – Countering Attackers One Step at a Time
The era of the data breach shows no signs of slowing down. As data breaches continue to increase at an exponential rate, the mantra of “it’s not a matter of if you will be breached, but a matter of when” continues to be an unfortunate reality that every organization must be prepared for. Companies are investing in a plethora of security options, but with so many solution options available, it has become increasingly difficult to discern the overall value and ROI that all of these solutions provide. Attackers continue to find ways around both traditional endpoint and perimeter protections and bypass existing controls to execute attacks with devastating results. Organizations need to suppress and contain adversaries before a breach is able to occur. By utilizing Deception technology, security teams can combat advanced threats through baiting, engaging, and trapping attackers as they attempt to move through your network. Join our conversation to learn how implementing Deception technology can help your security team protect your company’s assets against malicious insiders and sophisticated cybercriminals.
1:00 PM : Welcoming Remarks and Introductions
Location: Chastain 1&2, Sixth Floor
Marci McCarthy
CEO and President
T.E.N.
Biography
T.E.N.'s CEO & President will welcome guests, provide an overview of the program agenda and event purpose, and introduce the speakers and sponsors of the ISE® Southeast Executive Forum and Awards 2017.
1:10 PM : Keynote Address
Location: Chastain 1&2, Sixth Floor
John Graham
CISO
EBSCO Industries
ISE® Southeast Executive Award Finalist 2012
ISE® Southeast Executive Award Winner 2016
ISE® North America Executive Award Finalist 2016 - Commercial Category
What is the Value of Third Party Risk Assessments?
Many information security executives have been performing third party risk assessments for years. Some execs are under regulatory pressure to complete third party risk assessments, and in some cases even fourth party risk assessments. So what is the value? What have information security executives accomplished by doing these assessments? What have they learned from this area over the years? Join us as John Graham, CISO for Jabil, takes us on a journey through roughly 20 years of third party risk assessments and data sharing risk. During this conversation, John will touch on key learnings, continued challenges, and strive to answer the question, “Is there true value in all of the effort?”
1:45 PM : Interactive Executive Roundtables
Location: Chastain 1&2, Sixth Floor
The Interactive Executive Roundtables brings together ISE® Nominees, industry leaders, invited guests, and sponsor delegates to meet each other and join in interactive discussions on key industry issues as well as share best practices. The interactive roundtable discussions are hosted by our ISE® Judges and Nominees.
Connie Barrera
Corporate Director & CISO
Jackson Health System
ISE® Southeast People's Choice Award Winner 2016
ISE® North America Executive Award Finalist 2016 - Health Care Category
Biography
The Internet of Things is Here and Growing but are You Ready for it?
The once nebulous Internet of Things has slowly but surely become a more defined and pressing issue for Information Security professionals as more organizations begin to adopt the IoT into their business structure. Gartner predicts that in the year 2020, 25 billion ‘things’ worldwide are connected to the internet with a collective economic value of two trillion dollar. While that still leaves current InfoSec professionals some time to adapt to a more pervasive Internet of Things, the question remains; “How ready is your organization for IoT adoption now?” Does your organization have the right skillsets and capabilities in place now to start investing in IoT related projects? Aside from all the innovative, technical and business skills needed, perhaps the greatest skill needed is the ability to understand what missing factors are in the organization’s capabilities.
Paul Huesken
Chief Information Assurance Officer
The Coca-Cola Company
ISE® Southeast & ISE® North America Judge
Biography
Security from the Inside: Combating Insider Threats
While the popular view of most security threats tends to be of outsiders, the last few years have also seen an increasing emphasis on threats to the enterprise from the inside. Insider threats can range from something as simple as a negligent employee who clicks on a bad email link to a disgruntled employee with privileged access to sensitive data and portions of the enterprise. A 2016 survey on insider threats by Bitglass revealed that one in three organizations interviewed had experienced insider attacks, with 56% saying they have gone up in the past year. Organizations are starting to see improvements in detecting insider threats however. In the same survey, 64% of the respondents said they can now detect breaches within a week, compared to the previous year where only 42% were able to do so. While there have been some improvements in dealing insider threats, there still remains a strong need for a more vigilant and proactive approach to identifying, isolating, and mitigating damage from these kinds of attacks.
Stoddard Manikin
VP, CISO
Children's Healthcare of Atlanta
ISE® East Executive Award Winner 2024
Biography
Ransomware on the Rise
Malware has long been the bane of many security professionals. However, a more frightening evolution in this long-time InfoSec foe has become increasingly dangerous and more prevalent in recent years. Ransomware has continued to grow as one of the most prevalent threats to industries of all shapes and sizes. A 2015 report by McAfee found a huge jump of late, from 257,357 new ransomware samples in the first half of 2014, to 380,652 in the second half. By the first half of 2015, that number jumped 5.3 times to over 2 million. In 2016, we saw several increasingly high-profile examples, including, most notably, the case of Hollywood Presbyterian Medical Center, a 434-bed hospital whose network effectively ground to a halt after hackers breached the system in early February. After relying on pen and paper records briefly, Hollywood Presbyterian paid the 40 bitcoin ($17,000) ransom to regain control of its network. As ransomware continues to spread, what can security professionals do to better protect themselves from this most malevolent of malware?
Mark Reardon
Chief Information Security Officer
Wellstar Health Systems
ISE® Southeast Executive Award Finalist 2009
Securing What You Share: Improving Your Third Party Security
When organizations start working with third-party vendors, they have to consider a variety of security concerns. These vendors often have access to valuable, sensitive corporate data, yet according to a 2016 study by the Ponemon Institute, more than one third of companies don’t believe these vendors would tell them if they had a data breach. Additionally, About 60% of respondents said they felt vulnerable because they were sharing sensitive data with third parties that might have weak security policies. While including data privacy and security procedures in third-party contracts to ensure vendors have appropriate measures in place to protect company data has become commonplace, it is difficult to evaluate how the vendor is protecting data from unauthorized access, use, and disclosure, and to know whether the vendor has appropriate contractual terms in place with downstream, who may also have access to your data. This disconnect creates a high-risk area for all industries as more and more data loss through third-party vendors results in a breakdown of trust and communication. To help prevent potential damages, organizations need to develop plans for working with third parties that involve data mapping vendors, contract specificity, and regular data audits.
André Gold
Former Vice President, Cloud and Infrastructure Engineering
Cardinal Health
Biography
Social [Media] Security: The Impact of Social Media on Information Security
Social media has become such an integral part of our day to day actions that we sometimes neglect to consider the greater impact it has at the business level. Cyber criminals run rampant across every social network today. While we see headlines about social marketing faux pas and account hacks, those are just the tip of the security risk iceberg. Companies’ poor social media security practices can put their brands, customers, executives, at serious risk. According to Cisco, Facebook scams were the most common form of malware distributed in 2015. The FBI said that social media-related events had quadrupled over the past five years and PricewaterhouseCoopers found that more than one in eight enterprises suffered a security breach due to a social media-related cyberattack. While adapting best practices for social media usage for employees is a decent start, there’s much more to be done. Security professionals must start treating social channels like the potential security threat they are and align strategies to effectively fend against the range of cyber techniques currently in use.
2:45 PM : Nominee Showcase Presentation #1
Location: Chastain 1&2, Sixth Floor
Staying Secure 24/7
The Macy’s team set out to establish and implement a Threat Monitoring and Response Center that would actively monitor and respond to security threats 24 hours a day, 7 days a week. The team would be tasked with implementing, tuning, and monitoring new technologies that would give them the ability to detect, alert, and respond to security threats in near real-time. The team would both staff and train for the expertise needed to cover all technical aspects of threat detection, incident response, and malware forensics. Learn how the team at Macy’s was able to able to not only detect and respond to security threats, but also reduce overall fraud while educating executives and teams across the company.
3:05 PM: CISO Deep Dive: Executive Leadership
Location: Chastain 1&2, Sixth Floor
An industry cross section of ISE Alumni and leading security executives explore today’s hottest security trends and issues and the key challenges they are facing now and in the future.
Moderator
Pete Lindstrom
VP, Security Strategies
IDC
Biography
Panelists
Pete Chronis
SVP, Chief Information Security Officer
WarnerMedia
Russell Eubanks
VP and CISO
Federal Reserve Bank of ATL
Biography
CISO
University System of Georgia: Board of Regents
Robert Mims
Director, Security - Gas, Nuclear, Generation and Transmission Operations
The Southern Company
ISE® Southeast People's Choice Award Winner 2014
Biography
Kevin Morrison
VP, Chief Information Security Officer
Driven Brands
ISE® Southeast People’s Choice Award Winner 2015
Biography
3:45 PM : Nominee Showcase Presentation #2
Location: Chastain 1&2, Sixth Floor
Hugh Percy
Supervisor Cyber Security Ops
Moffitt Cancer Center
Biography
Creating a SOC with the Perfect Fit
The Moffitt SOC is a two-phase project where the first phase is operations during business hours with the second phase being expanding to 24/7/365 coverage. The SOC is responsible for performance monitor and cyber security monitoring of Moffitt’s network, systems, applications and personnel. Since beginning operations, the SOC has issue over 800 incident tickets, handled 5 major performance incidents, 2 cyber-incidents and prevented over 12 major incidents. Learn how the team at Moffitt Cancer Center were able to reduce operational downtime and see a reduction in interruptive events of 90% in the last half of 2016.
4:05 PM : Nominee Showcase Presentation #3
Location: Chastain 1&2, Sixth Floor
DJ Goldsworthy
Vice President of Security Operations & Threat Management
Aflac
Biography
The Next Level of Threat Intelligence
In response to the increase in volume and velocity of new threats, Aflac embarked upon a mission to create a custom-built TIS that would be capable of consuming large amounts of threat data and, in turn, use that data to protect the environment and inform security decisions. Aflac built a system that not only tackles the daily operational feed of threat data, but provides key process automation and allows for system integration into the current security infrastructure for maximum use of the data. Learn how the Aflac team was able to help ensure that their business strategy incorporates a real-world perspective of risk and that all security funding decisions are optimized based upon a thoughtful consideration of the current tactics, techniques and procedures of threat actors.
4:25 PM : Nominee Showcase Presentation #4
Location: Chastain 1&2, Sixth Floor
Sarath Geethakumar
Sr. Director, IT Security Architecture
Home Depot
The Art of Deception: Increasing Visibility and Accelerating Integration via Deception
The Home Depot Information Security team proactively partnered with all acquisitions to elevate their security capabilities to industry cutting edge solutions by deploying advanced deception and early detection systems. This approach would help them collectively gain needed visibility to quickly detect cyber attackers. Specifically, as a part of deploying deception, they established the capabilities to detect hidden or time triggered malware that could move laterally across the affiliate networks, identify tactics being taken to compromise endpoints relying on stolen credentials to escalate privileges and compromise the environment. This proactive approach helped them develop a light weight but highly effective and scalable security strategy across distributed subsidiaries that helps protect the integrity of the environment. Learn how the Home Depot Deception Project was able to improve risk reduction, rapidly assess security capabilities of acquired subsidiaries, and enable accelerated integration across this expanded Home Depot portfolio.
4:45 PM: Late Afternoon Break
5:00 PM : VIP Reception (invitation only)
Location: The Overlook, Sixth Floor
ISE® Nominees, sponsors and special guests will have the opportunity to network in a private setting with beverages and appetizers.
6:00 PM : Sponsor Pavilion and Dinner Buffet
Location: 200 Grant Loft- attached to Westin 7th Level
Guests enjoy gourmet dinner while networking and meeting the sponsors. Honoring and celebrating the Award Nominees for 2017, this exciting occasion will bring together top security executives to recognize the individuals who have made significant and positive impact on their organizations through exemplary performance.
7:30 PM : Sponsor Tear Down
Location: 200 Grant Loft- attached to Westin 7th Level
7:45 PM : ISE® Southeast Awards Gala
Location: 200 Building Whitehall
Lynda Fleury
Vice President and CISO
Unum
ISE® Southeast Executive Award Winner 2008
ISE® North America Executive Award Finalist 2005
Biography
Julie Talbot-Hubbard
Senior Vice President, General Manager - Cyber Protection and Identity
Optiv
ISE® Central Executive Award Winner 2010
Biography
T.E.N. Success Story
Honoring and celebrating the ISE® Southeast Award Nominees, this exciting occasion will bring together top security executives to recognize the individuals and the project teams who have made significant and positive impact on their organizations through exemplary performance. Don't miss the Passport for Prizes drawing and a chance to win outstanding gifts from our ISE® sponsors.
9:00 PM : Champagne & Dessert Reception
Location: 200 Building Whitehall Balcony
Enjoy champagne and dessert while celebrating the winners, nominees and project teams.