ISE® WEST PRIVATE WELCOME DINNER
Build or Buy? Integrating Advanced Capabilities into Your Security Program
5:30pm - 8:30pm
Harris’ Steakhouse
2100 Van Ness Avenue
San Francisco, CA 94109
Registration
Kannan Perumal
CISO
Applied Materials
Biography
Many enterprises have grown comfortable with the capabilities of their security programs. However, the fact remains that threat actors are evolving their techniques all the time, making it crucial for enterprises to adopt advanced security strategies to keep up with them. For instance, the market is at an inflection point between endpoint protection and EDR functions. For organizations to adopt advanced capabilities like EDR—including the investigation, decision making, and response actions associated with malicious or suspicious detection—security teams must first modernize the way they work. That involves prioritizing work and delegating decisions to security analysts with limited experience and tenure. Join our conversation as we discuss the talent and technology changes organizations should consider in the adoption of advanced adversary detection and hunting programs.
August 22, 2019
11:00 AM - 3:00 PM: Registration
Location: Pre-function of Elizabethan Ballrooms C&D, 2nd floor
11:15 AM: ISE® Signature Luncheon *Invitation Only
Location: Elizabethan B, 2nd floor
Sponsored by:
Counter Intrusion at Scale: A New Way to Become Cyber Resilient
Jeff Trudeau
Chief Information Security Officer (CISO)
Chime
ISE® North America Health Care Executive Award Winner 2013
ISE® West Executive Award Finalist 2019
Stopping intrusions inside trusted networks is a fundamental tenet of information security and is a requirement for an enterprise to be cyber resilient. As a result, intrusion-detection technologies often accompany firewalls and antivirus (AV) software. Together, these tools are expected to keep cyberthreats from impacting an organization, especially preventing the loss of intellectual property and protecting regulatory controlled data and operational information. The earlier threats can be detected and stopped in the attack chain, especially those that evade controls, the more an organization can become cyber resilient. While both firewalls and AV have been reimagined in recent years, flawed technology leaves organizations vulnerable to attacks and struggling with insufficient resources to triage large volumes of false positives. It is time to rearchitect how we solve the problem of intrusions by countering them at scale. To do so, organizations will need a counter intrusion system that operates in all phases of the attack chain, using a hybrid approach with AI to connect different sets of data together no matter where a malicious attack takes place. Join our conversation as we discuss a blueprint for counter intrusion at scale in an enterprise’s internal network and in the cloud that will mitigate the burden of alerts on cyber defense teams and help enterprises become more cyber resilient.
12:50 PM: Welcoming Remarks and Introductions
Location: Elizabethan C&D, 2nd floor
Marci McCarthy
CEO and President
T.E.N.
Biography
T.E.N.'s CEO & President will welcome guests, provide an overview of the program agenda and event purpose, and introduce the speakers and sponsors of the ISE® West Executive Forum and Awards 2019.
1:10 PM: Keynote Address
Location: Elizabethan C&D, 2nd floor
Impact & Influence: Are You Positioned Well?
Suzanne Hall
Global Head of Infrastructure and Chief Information Security Officer
Alimentation Couche-Tard/Circle K Stores, Inc.
Join our discussion as Suzanne Hall addresses the factors to consider when assessing where the CISO is positioned for the greatest impact and influence.
1:45 PM: Interactive Executive Roundtables
Location: Elizabethan C&D, 2nd floor
The Interactive Executive Roundtables brings together ISE® Nominees, industry leaders, invited guests, and sponsor delegates to meet each other and join in interactive discussions on key industry issues as well as share best practices. The interactive roundtable discussions are hosted by our distinguished ISE® Alumni who are leading CISOs and Information Security Executives.
Creating a Dynamic and Actionable Information Security Plan
Cindy Carson
Sr. Director, Enterprise Security Operations
T-Mobile
Biography
Even though the need is great for organizations to have an active and effective information security plan in place, few have taken the time to continuously adapt their plans to fit the company’s evolving business. However, in order for cyber risks to be monitored and managed, security teams need to be on the same page about how vulnerabilities in the system are assessed, how data assets are identified and managed, and what key business processes are crucial in case such processes are jeopardized or disrupted due to a cyber event. As enterprises continue moving to the cloud and instituting BYOD policies, an information security plan should also incorporate strict procedures and control protocols on third parties and the devices used within the business. This includes technology that will be able to monitor users, analyze activity in-house and remotely, and enact appropriate risk management tactics when necessary. Join our discussion to learn how, above all, a well-designed InfoSec plan will continue to stay up to date with the latest policy and compliance changes while also undergoing continuous cyber hygiene so data, hardware, and software remain current and secure.
Protecting Your Online Identities: The Case for Digital Security
Brett Cumming
Director, Information Security Officer
Skechers USA
ISE® West People's Choice Award Winner 2019
Biography
The use of smartphones, social media, e-commerce, and other online profiles is not abating any time soon, making digital security a necessary part of our lives. As we continue to expand our digital footprints and form online identities, it can be easy to become lax in our security efforts, especially as more and more profiles and apps become interconnected. By accessing one digital app or service, hackers are more likely to gain access to all of your accounts that either use the same username and password or are linked together. With employees also accessing personal accounts on company-owned devices or via company networks, organizations are wrestling with who is responsible and accountable for their digital security. The obvious choice is the CISO, but with digital security crossing many aspects of enterprise transactions and departments, it calls into question how far-reaching business leaders expect the CISO’s role to be. Join our conversation as we discuss how security executives can approach digital security to protect our identities, uniting with business leaders to establish clear-cut security strategies and responsibilities.
Company Security Culture
Michael Dierickx
Director PSIRT
Raytheon
As numerous data breaches have placed organizations’ brands and CEOs’ jobs on the line, security is gradually becoming a priority for C-suite executives and board members alike to integrate into company culture on every level. When your organization moves beyond simply discussing security to taking actionable steps, you’ll know cybersecurity has become a priority within your company. To make that transition from “talking” to “doing,” C-suite members are responsible for convincing board members to adopt cybersecurity as a top-down initiative. The more support C-suite leaders can garner from the board, the more likely they can receive the support and funding for resources and the development of a security program. In addition, having business leaders embody a culture of security with actions as well as rhetoric can have a positive impact on employees, who often receive the brunt of training initiatives, email alerts, and security tests in an organization. Join our discussions as we learn how leadership promoting the positives of security while eliminating apathy, division, and self-interest from the culture will help ensure security behaviors change throughout the company for the better.
Seeing the Bigger Picture with Big Data Security Analytics
Shadaab Kanwal
Managing Director Digital, Data, and Analytics Transformation
Charles Schwab & Co.
Biography
As organizations’ security perimeters continue to dissolve with the use of cloud and mobile services, many security executives are looking at Big Data Security Analytics (BDSA) for its potential to detect vulnerabilities. Early and thorough detection is crucial in a Prevent-Detect-Respond (PDR) paradigm, and BDSA can improve detection by analyzing large quantities of data in real time and identifying changed patterns in user behavior. In addition, BDSA can perform complex correlation algorithms across an organization’s various data sources. Doing so allows BDSA solutions to pinpoint and categorize only the most relevant security events, allowing even inexperienced security members to deal with them, while forensic experts can review details about the incident and compare them with past recorded anomalies. Despite BDSA solutions fostering a big-picture view of security, organizations have been slow to adopt BDSA to their security measures, even though its value is known. Join our discussions as we ask: What are the reasons for this adoption gap, and how can security executives bridge it?
2:45 PM: Afternoon Break
2:55 PM: ISE® West Nominee Showcase Presentation #1
Location: Elizabethan C&D, 2nd floor
Safe at Work, at Home and on the Road: The Information Security Awareness Program
Frank Steele
Senior Manager, Information Security Governance & Compliance
Albertsons Companies
Biography
Albertsons Companies established a new information Security Awareness Program, which was created during 2018 and 2019 to build upon the goodwill established during the October 2017 Information Security Awareness month expos held throughout the corporate offices. The new program’s focus is to increase the security culture of Albertsons. The project team focused on three awareness areas to help employees everywhere they go, to be Safe at Work, at Home, and on the Road. The new continuous year-round program leads with monthly themes, computer-based training, lunch and learn classes and phishing campaigns. The program schedule culminates with the annual October Security Awareness expos at four corporate campuses. Join our discussion as Albertsons Companies tells us about how their Awareness Program had a positive effect in all of Albertsons’ efforts to protect its customer data and has also cultivated better awareness of the information security teams’ purpose and capabilities.
3:00 - 8:00 PM: Registration
Location: Victor's Palace, top floor
3:15 PM: Information Security Executive® Deep Dive Panel
Location: Elizabethan C&D, 2nd floor
An industry cross section of ISE Alumni and leading security executives explore today’s hottest security trends and issues and the key challenges they are facing now and in the future.
Moderator
Panelists
Selim Aissi
Chief Information Security Officer
Blackhawk Network
ISE® West Executive Award Finalist 2015
ISE® North America Executive Award Finalist 2015 - Commercial Category
Alex Ciurczak
SVP/CISO
EPIC Insurance Brokers & Consultants
Dave Estlick
CISO
Chipotle Mexican Grill
Jeff Trudeau
Chief Information Security Officer (CISO)
Chime
ISE® North America Health Care Executive Award Winner 2013
ISE® West Executive Award Finalist 2019
4:00 PM: ISE® West Nominee Showcase Presentation #2
Location: Elizabethan C&D, 2nd floor
Expanding Security Capabilities: Identify, Credential, and Access Management (ICAM)
Koveh Tavakkol
Sr. Manager – IAM Architecture & Controls
T-Mobile
Biography
Identity is the new parameter, and no security program is successful without a strong focus in Identity Controls. ICAM provides technology leadership, strategy, and governance for identity management products and capabilities at T-Mobile. Critical business objectives include identity management maturity, risk reduction, technology rationalization, operational effectiveness, and cost savings through a common strong-authentication experience. The program implements an Un-carrier approach to digital security through the integration of all enterprise platforms to centralize identity controls. Join our discussion as we learn how T-Mobile’s project opens the doors for meeting business objectives, toolset rationalization and expanded identity access management (IAM) capabilities.
4:20 PM: ISE® West Nominee Showcase Presentation #3
Location: Elizabethan C&D, 2nd floor
Mastering API Protection and Attack Detection
Wenxiao He
Senior Director Technology Operations
Vuclip
Biography
Jishnu Kinwar
VP of Technical Operations
Vuclip
Biography
Vuclip Inc. implemented AI-powered application security provider Wallarm's technology to scan for vulnerabilities, detect attacks, and protect its API. Vuclip utilized these incredible tools to migrate from a vulnerable state to full protection in under an hour by blacklisting malicious IPs/bad actors and by whitelisting those it grants free access to streaming bandwidth—without confusing the two. Join our discussion to learn how Vuclip encounters almost zero false positives and utilizes these tools—which scale with existing systems, including Vuclip's NGINX farm—so that Vuclip can focus more on creating great content and less on security threats.
4:45 PM: Late Afternoon Break
5:00 PM: ISE® VIP Reception (invitation only)
Location: Elizabethan A & B, 2nd floor
ISE® Nominees, sponsors and special guests will have the opportunity to network in a private setting with beverages and appetizers.
6:00 PM: Sponsor Pavilion and Dinner Buffet
Location: Mission Bay, top floor
Guests enjoy gourmet dinner while networking and meeting the sponsors. Honoring and celebrating the Award Nominees for 2019, this exciting occasion will bring together top security executives to recognize the individuals who have made significant and positive impact on their organizations through exemplary performance.
7:30 PM: Sponsor Tear Down
Location: Mission Bay, top floor
7:45 PM: ISE® West Awards Gala
Location: Golden Gate, top floor
Honoring and celebrating the ISE® West Award Nominees, this exciting occasion will bring together top security executives to recognize the individuals and the project teams who have made significant and positive impact on their organizations through exemplary performance. Don't miss the Passport for Prizes drawing and a chance to win outstanding gifts from our ISE® sponsors.
Bernie Cowens
Executive Vice President, Chief Information Security Officer
Utility Technology Solutions
Biography
Maria Shaw
VP & CISO
Varian Medical Systems
Biography
9:00 PM: Champagne and Dessert Reception
Location: Golden Gate, top floor
Enjoy champagne and dessert while celebrating the winners, nominees and project teams.