ISE® West Schedule of Events 2019

ISE® WEST PRIVATE WELCOME DINNER
Build or Buy? Integrating Advanced Capabilities into Your Security Program

August 21, 2019
5:30pm - 8:30pm
Harris’ Steakhouse
2100 Van Ness Avenue
San Francisco, CA 94109
Registration
Kannan Perumal

Kannan Perumal
CISO
Applied Materials
Biography

Many enterprises have grown comfortable with the capabilities of their security programs. However, the fact remains that threat actors are evolving their techniques all the time, making it crucial for enterprises to adopt advanced security strategies to keep up with them. For instance, the market is at an inflection point between endpoint protection and EDR functions. For organizations to adopt advanced capabilities like EDR—including the investigation, decision making, and response actions associated with malicious or suspicious detection—security teams must first modernize the way they work. That involves prioritizing work and delegating decisions to security analysts with limited experience and tenure. Join our conversation as we discuss the talent and technology changes organizations should consider in the adoption of advanced adversary detection and hunting programs.

August 22, 2019

11:00 AM - 3:00 PM: Registration

Location: Pre-function of Elizabethan Ballrooms C&D, 2nd floor

11:15 AM: ISE® Signature Luncheon *Invitation Only

Location: Elizabethan B, 2nd floor

Sponsored by:

Counter Intrusion at Scale: A New Way to Become Cyber Resilient

Jeff Trudeau

Jeff Trudeau
Chief Security Officer
Credit Karma
ISE® North America Health Care Executive Award Winner 2013
ISE® West Executive Award Finalist 2019

Biography

Stopping intrusions inside trusted networks is a fundamental tenet of information security and is a requirement for an enterprise to be cyber resilient. As a result, intrusion-detection technologies often accompany firewalls and antivirus (AV) software. Together, these tools are expected to keep cyberthreats from impacting an organization, especially preventing the loss of intellectual property and protecting regulatory controlled data and operational information. The earlier threats can be detected and stopped in the attack chain, especially those that evade controls, the more an organization can become cyber resilient. While both firewalls and AV have been reimagined in recent years, flawed technology leaves organizations vulnerable to attacks and struggling with insufficient resources to triage large volumes of false positives. It is time to rearchitect how we solve the problem of intrusions by countering them at scale. To do so, organizations will need a counter intrusion system that operates in all phases of the attack chain, using a hybrid approach with AI to connect different sets of data together no matter where a malicious attack takes place. Join our conversation as we discuss a blueprint for counter intrusion at scale in an enterprise’s internal network and in the cloud that will mitigate the burden of alerts on cyber defense teams and help enterprises become more cyber resilient.

12:50 PM: Welcoming Remarks and Introductions

Location: Elizabethan C&D, 2nd floor
Marci McCarthy

Marci McCarthy
CEO and President of T.E.N.
CEO and Chairman of ISE® Talent
Biography

T.E.N.'s CEO & President will welcome guests, provide an overview of the program agenda and event purpose, and introduce the speakers and sponsors of the ISE® West Executive Forum and Awards 2019.

1:10 PM: Keynote Address

Location: Elizabethan C&D, 2nd floor

Impact & Influence: Are You Positioned Well?

Suzanne Hall
Global Head of Infrastructure and Chief Information Security Officer
Alimentation Couche-Tard/Circle K Stores, Inc.

Join our discussion as Suzanne Hall addresses the factors to consider when assessing where the CISO is positioned for the greatest impact and influence.

1:45 PM: Interactive Executive Roundtables

Location: Elizabethan C&D, 2nd floor

The Interactive Executive Roundtables brings together ISE® Nominees, industry leaders, invited guests, and sponsor delegates to meet each other and join in interactive discussions on key industry issues as well as share best practices.  The interactive roundtable discussions are hosted by our distinguished ISE® Alumni who are leading CISOs and Information Security Executives.

Creating a Dynamic and Actionable Information Security Plan

Cindy Carson

Cindy Carson
Sr. Director, Enterprise Security Operations
T-Mobile
Biography

Even though the need is great for organizations to have an active and effective information security plan in place, few have taken the time to continuously adapt their plans to fit the company’s evolving business. However, in order for cyber risks to be monitored and managed, security teams need to be on the same page about how vulnerabilities in the system are assessed, how data assets are identified and managed, and what key business processes are crucial in case such processes are jeopardized or disrupted due to a cyber event. As enterprises continue moving to the cloud and instituting BYOD policies, an information security plan should also incorporate strict procedures and control protocols on third parties and the devices used within the business. This includes technology that will be able to monitor users, analyze activity in-house and remotely, and enact appropriate risk management tactics when necessary. Join our discussion to learn how, above all, a well-designed InfoSec plan will continue to stay up to date with the latest policy and compliance changes while also undergoing continuous cyber hygiene so data, hardware, and software remain current and secure.

Protecting Your Online Identities: The Case for Digital Security

Brett Cumming
Director, Information Security Officer
Skechers USA
ISE® West People's Choice Award Winner 2019
Biography

The use of smartphones, social media, e-commerce, and other online profiles is not abating any time soon, making digital security a necessary part of our lives. As we continue to expand our digital footprints and form online identities, it can be easy to become lax in our security efforts, especially as more and more profiles and apps become interconnected. By accessing one digital app or service, hackers are more likely to gain access to all of your accounts that either use the same username and password or are linked together. With employees also accessing personal accounts on company-owned devices or via company networks, organizations are wrestling with who is responsible and accountable for their digital security. The obvious choice is the CISO, but with digital security crossing many aspects of enterprise transactions and departments, it calls into question how far-reaching business leaders expect the CISO’s role to be. Join our conversation as we discuss how security executives can approach digital security to protect our identities, uniting with business leaders to establish clear-cut security strategies and responsibilities.

Company Security Culture

Michael Dierickx

Michael Dierickx
Director PSIRT
UTC

As numerous data breaches have placed organizations’ brands and CEOs’ jobs on the line, security is gradually becoming a priority for C-suite executives and board members alike to integrate into company culture on every level. When your organization moves beyond simply discussing security to taking actionable steps, you’ll know cybersecurity has become a priority within your company. To make that transition from “talking” to “doing,” C-suite members are responsible for convincing board members to adopt cybersecurity as a top-down initiative. The more support C-suite leaders can garner from the board, the more likely they can receive the support and funding for resources and the development of a security program. In addition, having business leaders embody a culture of security with actions as well as rhetoric can have a positive impact on employees, who often receive the brunt of training initiatives, email alerts, and security tests in an organization. Join our discussions as we learn how leadership promoting the positives of security while eliminating apathy, division, and self-interest from the culture will help ensure security behaviors change throughout the company for the better.

Seeing the Bigger Picture with Big Data Security Analytics

Kanwal_Shadaab

Shadaab Kanwal
Managing Director Enterprise Risk Management
Charles Schwab & Co.
Biography

As organizations’ security perimeters continue to dissolve with the use of cloud and mobile services, many security executives are looking at Big Data Security Analytics (BDSA) for its potential to detect vulnerabilities. Early and thorough detection is crucial in a Prevent-Detect-Respond (PDR) paradigm, and BDSA can improve detection by analyzing large quantities of data in real time and identifying changed patterns in user behavior. In addition, BDSA can perform complex correlation algorithms across an organization’s various data sources. Doing so allows BDSA solutions to pinpoint and categorize only the most relevant security events, allowing even inexperienced security members to deal with them, while forensic experts can review details about the incident and compare them with past recorded anomalies. Despite BDSA solutions fostering a big-picture view of security, organizations have been slow to adopt BDSA to their security measures, even though its value is known. Join our discussions as we ask: What are the reasons for this adoption gap, and how can security executives bridge it?

2:45 PM: Afternoon Break

2:55 PM: ISE® West Nominee Showcase Presentation #1

Location: Elizabethan C&D, 2nd floor

Safe at Work, at Home and on the Road: The Information Security Awareness Program

Steele_Frank

Frank Steele
Senior Manager, Information Security Governance & Compliance
Albertsons Companies
Biography

Albertsons Companies established a new information Security Awareness Program, which was created during 2018 and 2019 to build upon the goodwill established during the October 2017 Information Security Awareness month expos held throughout the corporate offices. The new program’s focus is to increase the security culture of Albertsons. The project team focused on three awareness areas to help employees everywhere they go, to be Safe at Work, at Home, and on the Road. The new continuous year-round program leads with monthly themes, computer-based training, lunch and learn classes and phishing campaigns. The program schedule culminates with the annual October Security Awareness expos at four corporate campuses. Join our discussion as Albertsons Companies tells us about how their Awareness Program had a positive effect in all of Albertsons’ efforts to protect its customer data and has also cultivated better awareness of the information security teams’ purpose and capabilities.

3:00 - 8:00 PM: Registration

Location: Victor's Palace, top floor

3:15 PM: Information Security Executive® Deep Dive Panel

Location: Elizabethan C&D, 2nd floor

An industry cross section of ISE Alumni and leading security executives explore today’s hottest security trends and issues and the key challenges they are facing now and in the future.

Moderator

Tom Cline

William Lidster
Senior Manager of Information Security and Compliance
AAA Washington
Biography

Panelists

Selim Aissi
SVP & CISO
Ellie Mae
ISE® West Executive Award Finalist 2015
ISE® North America Executive Award Finalist 2015 - Commercial Category

Biography

Alex Ciurczak
SVP/CISO
EPIC Insurance Brokers & Consultants

Dave Estlick

Dave Estlick
CISO
Starbucks

Jeff Trudeau

Jeff Trudeau
Chief Security Officer
Credit Karma
ISE® North America Health Care Executive Award Winner 2013
ISE® West Executive Award Finalist 2019

Biography

4:00 PM: ISE® West Nominee Showcase Presentation #2

Location: Elizabethan C&D, 2nd floor

Expanding Security Capabilities: Identify, Credential, and Access Management (ICAM)

Koveh Tavakkol

Koveh Tavakkol
Sr. Manager – IAM Architecture & Controls
T-Mobile
Biography

Identity is the new parameter, and no security program is successful without a strong focus in Identity Controls. ICAM provides technology leadership, strategy, and governance for identity management products and capabilities at T-Mobile. Critical business objectives include identity management maturity, risk reduction, technology rationalization, operational effectiveness, and cost savings through a common strong-authentication experience. The program implements an Un-carrier approach to digital security through the integration of all enterprise platforms to centralize identity controls. Join our discussion as we learn how T-Mobile’s project opens the doors for meeting business objectives, toolset rationalization and expanded identity access management (IAM) capabilities.

4:20 PM: ISE® West Nominee Showcase Presentation #3

Location: Elizabethan C&D, 2nd floor

Mastering API Protection and Attack Detection

Wenxiao He
Senior Director Technology Operations
Vuclip
Biography

Jishnu Kinwar
VP of Technical Operations
Vuclip
Biography

Vuclip Inc. implemented AI-powered application security provider Wallarm's technology to scan for vulnerabilities, detect attacks, and protect its API. Vuclip utilized these incredible tools to migrate from a vulnerable state to full protection in under an hour by blacklisting malicious IPs/bad actors and by whitelisting those it grants free access to streaming bandwidth—without confusing the two. Join our discussion to learn how Vuclip encounters almost zero false positives and utilizes these tools—which scale with existing systems, including Vuclip's NGINX farm—so that Vuclip can focus more on creating great content and less on security threats.

4:45 PM: Late Afternoon Break

5:00 PM: ISE® VIP Reception (invitation only)

Location: Elizabethan A & B, 2nd floor

ISE® Nominees, sponsors and special guests will have the opportunity to network in a private setting with beverages and appetizers.

6:00 PM: Sponsor Pavilion and Dinner Buffet

Location: Mission Bay, top floor

Guests enjoy gourmet dinner while networking and meeting the sponsors. Honoring and celebrating the Award Nominees for 2019, this exciting occasion will bring together top security executives to recognize the individuals who have made significant and positive impact on their organizations through exemplary performance.

7:30 PM: Sponsor Tear Down

Location: Mission Bay, top floor

7:45 PM: ISE® West Awards Gala

Location: Golden Gate, top floor

Honoring and celebrating the ISE® West Award Nominees, this exciting occasion will bring together top security executives to recognize the individuals and the project teams who have made significant and positive impact on their organizations through exemplary performance. Don't miss the Passport for Prizes drawing and a chance to win outstanding gifts from our ISE® sponsors.

Bernie Cowens

Bernie Cowens
Vice President & Chief Security Officer
PG&E
Biography

Maria Shaw

Maria Shaw
VP & CISO
Varian Medical Systems
Biography

9:00 PM: Champagne and Dessert Reception

Location: Golden Gate, top floor

Enjoy champagne and dessert while celebrating the winners, nominees and project teams.