ISE® West Schedule of Events 2012

ISE® West Private Welcome Dinner

August 7, 2012
5:30pm -8:30pm
Morton's Steak House
400 Post Street
San Francisco, CA 94102
Matthew Archibald

Matthew Archibald
Managing Director and CISO
Applied Materials, Inc.
ISE® West Award Executive Finalist 2010

Celebrating the eve of the ISE® West Awards, join us for an engaging Private Dinner. This special program will provide a private forum for the area’s leading Information Security Executives® to candidly discuss many of the industry’s hottest issues. Our program topic, “Preparing for and Preventing the Key Security Events that Have Made Headlines,” will address the value of social media identity, mobile device attacks, containment as prevention and the power of social engineering as a rogue attack vector.


August 8, 2012

11:00am - 1:30pm: Registration

Location: Pre-function of Elizabethan Ballrooms C&D, 2nd floor

11:30 AM : ISE West Nominee Welcome Luncheon & Presentation   *Invitation Only

Location: Elizabethan B, 2nd floor
Core SEcurity

The Value of Predictive Security Intelligence > Download Presentation
Although security information is widespread, true "intelligence" is hard to establish because rapidly evolving technologies often create massive responsibility with little support or understanding of security implications. Security leaders must possess the knowledge and resources to predict and prevent threats and effectively communicate risks within an environment of constant change. Our lunch program will provide insights regarding the integration of full-scale attackplanning, threat simulation and attack replication for the purpose of garnering upper-management support, optimizing efficiency and investments in people and technology, and uniting security and business risks.

Pete Lindstrom

Pete Lindstrom
Principal Analyst
Spire Security
Biography

Measure the Immeasurable: Translating Risk to Executives  > Download Presentation
What does "we stopped 24,476 malware attacks today" mean to an executive? Not much without context. The challenge with reporting metrics is that executive don't always understand "why" they should care, as most measurements only speak to what can be measured vs. what should be measured. As security executives we need to talk less about the bits and bytes and more about what is critical to the business. If you do, you'll find the path to true partnership with the C-suite is not as difficult as exploiting an OpenSSL De-allocation vulnerability. In this session you will learn concrete strategies that will help your organization "get there" and contextualize security - for executives and the business alike. Learn how to create a repeatable, successful strategy to communicate IT risk-to-business risk to build an open line of communication, prioritize issues, and possibly gain more resources to fix the problem right.

1:00 PM : Welcoming Remarks and Introductions

Location: Elizabethan C&D, 2nd floor
Marci McCarthy

Marci McCarthy
CEO and President
T.E.N.
Biography

1:15 PM : Keynote Address

Location: Elizabethan C&D, 2nd floor
Mike Wilson

Mike Wilson
Vice President, Chief Information Security Officer
McKesson
ISE® West Executive of the Year Award Winner 2011
ISE® North America Health Care Executive Award Finalist 2011

The Evolving CISO Role – What got you here is unlikely to get you there...  > Download the Presentation
There has been commentary over the last twelve months around the emerging role of the CISO as a risk practitioner, business partner and seasoned communicator. What it means to be CISO today is changing and why this should be of concern for aspiring security professionals as the skills they hone to help achieve these leadership roles are likely to be inadequate to be fully effective these new roles.

Arguably the security and risk management industry is challenged by the lack of executive and general management skills to quench an ever increasing leadership demand. This is truly evident in the health care vertical that is in very short order responding to a revolution associated with the perfect storm of digital healthcare regulatory reform and increased privacy and security concerns.

Interestingly research suggests that the significant challenge facing aspiring new leaders is not their technical prowess or subject matter expertise, but rather the ability to evolve the Information Security Function to that of a risk governance organization that provides oversight across a topic that is more relevant to the Board and Senior Management than ever before. Emerging skills are now sought after, grounded in risk management and ability to partner across the organization, executive communication  skills and the ability to influence senior leaders. Here is the paradox, to succeed through the ranks in the information security field we have emphasized the need for specialization and technical skills development, and yet when you arrive your ability to be effective as a CISO requires a whole different set of skills.

1:45 PM : Interactive Executive Roundtables

Location: Elizabethan C&D, 2nd floor

The Interactive Executive Roundtables brings together ISE® Nominees, industry leaders, invited guests, and sponsor delegates to meet each other and join in interactive discussions on key industry issues as well as share best practices.  The interactive roundtable discussions are hosted by our ISE® Judges and Nominees.

2:45 PM : Break

2:55 PM : Nominee Showcase Presentation #1

Location: Elizabethan C&D, 2nd floor
Curtis Coleman

Curtis Coleman
Information Security Officer
Seagate Technology

Factory Application Control / Whitelisting Project  > Download the Presentation
In this presentation, Curtis Coleman will discuss  the “Factory Application Control/Whitelisting Project” Seagate undertook to protect both legacy factory testing systems with embedded computers and high-risk, high-value knowledge worker systems.  The project addressed the need to :

  1. Replace the resource-intensive antivirus systems that impacted throughput capacity within the factory environment
  2. Augment the signature-based antivirus system with strong defense that would prevent malware from executing on the knowledge worker computers.
Curtis will share how it was critical throughout the effort to maintain factory production capacity while protecting the testing systems from mtook to alware and other threats.

3:00 PM - 7:00 PM: Registration

Location: Pre-function of Victor’s Palace, top floor

3:15 PM: Industry Crossroads Panel Discussion

Location: Elizabethan C&D, 2nd floor

An industry cross section of ISE Alumni and leading security executives explore today’s hottest security trends and issues and the key challenges they are facing now and in the future.

Moderator

Jonathan Chow

Jonathan Chow
Chief Information Security Officer
NBC Universal
ISE® West People's Choice Award Winner 2012

Panelists

Vincent Campitelli

Vincent Campitelli
VP of IT Risk Management
McKesson Corporation

Grace Crickette

Grace Crickette
Chief Risk Officer
University of California
ISE® North America Executive Award Winner 2011 - Education/Non-Profit Category

Jonathan Cannon

Jonathan Cannon
Director of Information Security Policy & Strategy
UPS

David Matthews

David Matthews
Deputy Chief Information Security Officer
City of Seattle
ISE® West Executive Award Winner 2008

Wilson Henriquez

Wilson Henriquez
Sr. Business Leader, Global Information Security
VISA

4:00 PM : Nominee Showcase Presentation #2

Location: Elizabethan C&D, 2nd floor
Amy Carroll

Amy Carroll
Vice President, Operational Risk and Process Management
Janus Capital Group

Security Leadership Balancing Risk and Business Value > Download the Presentation
Amy Carroll will discuss how Janus Capital Group is managing their security awareness program as a marketing campaign.   She will walk you through the 4 week campaign that was rolled out to coincide with International Security Awareness Month, and the sessions they have offered their developers on how to protect company and personal data focused on security vulnerabilities – what can happen and how to avoid them.   Janus Capital Group implemented the Courion attestation module to ensure user access is compliant with corporate and regulatory policy, with favorable feedback from their business application owners.   This moves Janus closer to the goal of having an employee access view as opposed to individual system access views.

4:20 PM : Nominee Showcase Presentation #3

Location: Elizabethan C&D, 2nd floor
Bill Burns

Bill Burns
Director, Information Security and Networking
Netflix

DevOps – Scaling Cloud Security by Converging the Data Center with a Global Public Cloud > Download the Presentation
Bill Burns will share how Netflix is committed to adopt a pure public cloud model, yet many security and compliance controls are not mature or do not exist in that space. Bill and his team created a prioritized, and risk-based approach to migrating existing controls from their datacenters to a global public cloud. One such example has been the migration of a distributed, purely-software Web Application Firewall system to provide basic security and compliance controls. This system protects sensitive customer information and transactions, provides a “single pane of glass” of the entire attack surface (DataCenter + global public cloud), and is compatible both with their traditional puppet-based and DevOps deployment model. Furthermore, this WAF system is embedded into cloud instance build process, so it’s truly “baked in by default” for any new instances that are spawned. As new Netflix web systems are automatically added to match customer demand throughout the day, this security control is transparently applied to follow the demand curve.  The end result is a system that scales equally well in both traditional datacenter and DevOps public cloud environments, and interoperate seamlessly. This provides his team and Netflix a single view of the attack surface that represents the Netflix service.

4:45 PM: Late Afternoon Break

5:00 PM : VIP Reception (invitation only)

Location: Elizabethan A & B, 2nd floor

ISE® Nominees, sponsors and special guests will have the opportunity to network in a private setting with beverages and appetizers.

6:00 PM : Sponsor Pavilion and Dinner Buffet

Location: Victor's Palace, top floor

Guests enjoy gourmet dinner while networking and meeting the sponsors.  Honoring and celebrating the award nominees for 2013, this exciting occasion will bring together top security executives to recognize the individuals who have made significant and positive impact on their organizations through exemplary performance.

7:30 PM : ISE® West Awards Gala

Location: California Alexandra Ballroom, top floor

Honoring and celebrating the ISE® West Award Nominees, this exciting occasion will bring together top security executives to recognize the individuals and the project teams who have made significant and positive impact on their organizations through exemplary performance.

9:00 PM : Champagne & Dessert Reception

Location: California Alexandra Ballroom, top floor

Enjoy champagne and dessert while celebrating the winners, nominees and project teams. Don't miss the Passport for Prizes drawing and a chance to win outstanding gifts from our ISE® sponsors.