ISE® Central Schedule of Events 2018

Wednesday, May 16, 2018

11:00 AM - 3:00 PM: Registration

Fort Worth Foyer

11:30 AM : ISE® Signature Luncheon *Invitation Only

Location: Fort Worth 1 – 3rd Floor

Cyber Trends in National Security

Gaul_Patrick

Patrick Gaul
Executive Director
National Technology Security Coalition (NTSC)
Biography

Over the last year, there has been a lot of discussion on how the federal government will shape its cyber defenses. As national security and cybersecurity have become increasingly more intertwined, we as a nation have reached a pivotal point when it comes to an increased need for better approaches for defending ourselves against cyberattacks. Additionally, with national defense and private sector cybersecurity tied together more than ever before, CISOs desire more dialogue with the federal government about what a productive cybersecurity partnership looks like. Join Patrick Gaul, Executive Director, National Technology Security Coalition (NTSC) as he discusses the importance of fostering dialogue between government and CISOs in the private sector and how the two can come together to better defend critical U.S. infrastructure from cyberattacks.

12:50 PM : Welcoming Remarks and Introductions

Location: Fort Worth 2 – 3rd Floor
Marci McCarthy

Marci McCarthy
CEO and President of T.E.N.
CEO and Chairman of ISE® Talent
Biography

T.E.N.'s CEO & President will welcome guests, provide an overview of the program agenda and event purpose, and introduce the speakers and sponsors of the ISE® Northeast Executive Forum and Awards 2018.

1:10 PM : Keynote Address

Location: Fort Worth 2 – 3rd Floor

Passing the Baton – The Role of CISOs as Cybersecurity Culture Creators

Nicole Darden Ford

Nicole Darden Ford
Vice President, IT – Global Information Security & Chief Information Security Officer
Baxter International
ISE® Central Executive Award Finalist 2018
Biography

Like the starting runner in a race, the CISO sets the pace for greater security awareness across the organization. Time is of the essence to run ahead of cyberthreats. The CISO’s role is to ensure cybersecurity is embedded across the organization. The CISO’s leadership – endurance training, knowledge and experience – will help engage and motivate every team member to play their part. Learn what the CISO role can do to make cybersecurity a global effort and create a true cybersecurity culture.

1:45 PM : Interactive Executive Roundtables

Location: Fort Worth 2 – 3rd Floor

The Interactive Executive Roundtables brings together ISE® Nominees, industry leaders, invited guests, and sponsor delegates to meet each other and join in interactive discussions on key industry issues as well as share best practices.  The interactive roundtable discussions are hosted by our distinguished ISE® Alumni who are leading CISOs and Information Security Executives.

Evolving the SOC through Security Orchestration

Sponsored by:
figurski_sandy

Sandy Figurski
SVP and Chief Information Officer
Horace Mann
Biography

Security teams not only face an ever-expanding threat landscape, but they also contend with a variety of operational challenges. Proliferation of disparate security tools. Staffing shortages. Lack of documented, repeatable processes. The result is that nearly half of daily security alerts go uninvestigated. Security orchestration platforms can act as the catalyst for significant improvement in day-to-day security operations and in creating internal consistency between NOCs and SOCs. Because of the centralized approach and consolidated view security orchestration solutions deliver, security teams are enabled to become more efficient and effective while using fewer interfaces, improving reporting and executing highly consistent, repeatable processes.

Gone Phishing: Securing the Enterprise from Social Engineering Attacks

Kevin Dunn

Kevin Dunn
SVP & Chief Information Officer
U.S. Retirement and Benefits Partners
Biography

Social media, a digital medium that is rooted in sharing personal and professional data, continues to be a favorite target for cyber-criminals because it offers a virtual treasure trove of readily accessible information. The very nature of how information is shared via social media goes against many longstanding core information security principals. Businesses of all shapes and sizes can be targets of social media engineering and phishing attacks. While phishing itself is an incredibly well-known attack technique, it still continues to be a major security issues for many organizations. Symantec’s 2017 Internet Security Threat Report found that Business Email Compromise (BEC) scams, relying on spear-phishing emails, targeted over 400 businesses every day, draining $3 billion over the last three years. While it’s critical for security teams to keep up to date on current social engineering and phishing attacks, what else needs to be done to ensure the enterprise at large is aware of the dangers and pitfalls of these kinds of attacks?

Outsourcing Cybercrime: Combatting Ransomware as a Service

Alex Nehlebaeff

Alex Nehlebaeff
Corporate Information Security Manager/CISO
Harley-Davidson Financial Services, Inc.
Biography

Ransomware is certainly nothing new in the cybersecurity business, with the first instances having appeared more than a decade ago. However, this old threat has undergone some deadly changes over the last few years. The rise of the Ransomware as a Service (RaaS) distribution model gives would-be cybercriminals the means to launch a cyber-extortion business with virtually no technical expertise required, flooding the market with new ransomware strains in the process. 2017 saw an influx of potent and damaging RaaS attacks like Petya and WannaCry, both of which showed the attack model’s devastating potential to spread quickly and cause serious damage. As the use of RaaS continues to grow, Information Security executives and their security teams need to take new precautions in order to combat this new form of a familiar threat.

The Increasing Impact of Insider Threats

Van Nguyen

Van Nguyen
Director, Information Security
Federal Reserve System

Insider threats continue to be one of the top cyber security threats and have proven that they are a force to be reckoned with. According to a 2017 Insider Threat Report, 53% of companies estimate remediation costs of $100,000 and more, with 12% estimating a cost of more than $1 million. The same report suggests that 74% of companies feel that they are vulnerable to insider threats, with 7% reporting extreme vulnerability. Every company will face an insider-related breach sooner or later regardless of whether it will be caused by a malicious action or an honest mistake. As costs related to insider threats continue to grow, what can Information Security Executives and their security teams do to combat this all too familiar foe?

2:45 PM : Break

2:55 PM : ISE® Central Nominee Showcase Presentation #1

Location: Fort Worth 2 – 3rd Floor

Championing Security Across the Organization

Ricardo Lafosse

Ricardo Lafosse
CISO
Morningstar, Inc.
Biography

In an effort to ensure the timely mitigation of identified vulnerabilities in an agile method, the team at Morningstar created the Morningstar Security Champion Program. This grass roots program was developed to assign individuals in product team resources to provide direct security oversight, security guidance, and acting as a channel to escalate security issues directly with the Application Security team. Through the program the team has been able effectively tackle an ever-evolving issue across all organizations: motivating individuals to believe in and foster security initiatives. Join our conversation to learn how this program became the core component that fuels Morningstar’s internal metrics program and gamifies the reduction of vulnerabilities across their organization.

3:00 PM - 8:00 PM : Registration

San Antonio Prefunction, 4th floor

3:15 PM: Information Security Executive® Deep Dive Panel

Location: Fort Worth 2 – 3rd Floor

An industry cross section of ISE Alumni and leading security executives explore today’s hottest security trends and issues and the key challenges they are facing now and in the future.

Moderator

Shamoun Siddiqui

Shamoun Siddiqui
VP & Chief Information Security Officer
Neiman Marcus Group
Biography

Panelists

Oberlaender_Michael

Michael Oberlaender
CISO & VP
Tailored Brands
Biography

Pace_Robert

Robert Pace
Vice President, Information Security & Compliance
First American Payment Systems
Biography

Duaine Styles

Duaine Styles
CISO
Torchmark Corporation
Biography

=

4:00 PM : ISE® Central Nominee Showcase Presentation #2

Location: Fort Worth 2 – 3rd Floor

Faster, Efficient, and More Secure with Cloud

Michael Madero

Michael Madero
Manager, Security Architecture
HMS

HMS felt it was imperative that they look for new and efficient ways to meet market demand by leveraging a cloud-first adoption strategy. The objective of their Secure Cloud Infrastructure project was to create an environment that could support highly sensitive data and meet HMS' high security standards while complying with government and commercial compliance frameworks. The successful implementation of this project has allowed them to make fast and consistent application deployments that leverage cross-platform single sign-on technology. Join our conversation as the HMS team shares how they were able to take advantage of faster development and deployment patterns without giving up the visibility required to deliver on their regulatory and contractual security obligations.

4:20 PM : ISE® Central Nominee Showcase Presentation #3

Location: Fort Worth 2 – 3rd Floor

A Three Phase Approach to Improving 3rd Party Risk Management

Hoppe_Kristin

Kristin Hoppe
SR. Application Analyst/Programmer
Parkland Health & Hospital System

Kai Kert

Kai Kert
IT Security Architect Manager
Parkland Health & Hospital System

Parkland Health & Hospital System contracts with more than 248 vendors for on-site, hosted and hybrid cloud solutions. To ensure adequate security controls are in place and risk is properly documented and managed, the Parkland team developed a 3-phase risk analysis approach to vetting, approving and managing vendors before and after the onboarding of new IT solutions. Join our conversation as the Parkland Team shares how they were able to improve their security posture and awareness of security requirements across projects, as well as reduce vendor risk exposure.

4:45 PM: Late Afternoon Break

5:00 PM : ISE® VIP Reception (invitation only)

Location: Fort Worth 1 – 3rd Floor

ISE® Nominees, sponsors and special guests will have the opportunity to network in a private setting with beverages and appetizers.

6:00 PM : Sponsor Pavilion and Dinner Buffet

Location: San Antonio Prefunction – 4th Floor

Guests enjoy gourmet dinner while networking and meeting the sponsors.  Honoring and celebrating the award nominees, this exciting occasion will bring together top security executives to recognize the individuals who have made significant and positive impact on their organizations through exemplary performance.

7:30 PM : Sponsor Tear Down

Location: San Antonio Prefunction – 4th Floor

7:45 PM : ISE® Central Awards Gala

Location: San Antonio Ballroom – 4th Floor

Honoring and celebrating the ISE® Central Award Nominees, this exciting occasion will bring together top security executives to recognize the individuals and the project teams who have made significant and positive impact on their organizations through exemplary performance. Don't miss the Passport for Prizes drawing and a chance to win outstanding gifts from our ISE® Sponsors.

James Carpenter

James Carpenter
CISO/CTO
Texas Scottish Rite Hospital for Children
Dallas, TX
ISE® Central People's Choice Award Winner 2009
Biography

Adam Maslow

Adam Maslow
Sr. Director Information Security
Raising Cane's

9:00 PM : Champagne and Dessert Reception

Location: San Antonio Ballroom – 4th Floor

Enjoy champagne and dessert while celebrating the winners, nominees and project teams.