March 4, 2015
11am - 8pm: Registration
Location: Prefunction CDE, 4th floor
11:30 AM : ISE® Signature Luncheon *Invitation Only
Location: East West Paces, 4th floor
Marci McCarthy
CEO and President of T.E.N.
CEO and Chairman of ISE® Talent
Biography
S. Darnell Frymire
President
ISE® Talent, A T.E.N. Company
Biography
The Balancing Act: Managing Expectations Across the Enterprise > Download Presentation
Ongoing breaches and reports of cyber espionage have brought Information Security center stage with executive management, boards of directors and customers alike. The business expects the CISO to manage an agile, high-performing security program, yet consistently fails to adequately underwrite or provide the range of resources necessary to meet growing demands. Now expected to be a transformative leader, CISOs are struggling to balance new perceptions when such a disconnect exists between expectations and reality. Just as managing the complexity of the threat environment mandates a solution-based, multi-layer approach, so does navigating the complex relationships necessary to bridge the gaps between security and the enterprise. During this presentation, learn how to work with various business units and departments to build and empower your leadership team, so that you can better manage the heavy burden of defending your organization against the unrelenting array of cyber threats.
1:00 PM : Welcoming Remarks and Introductions
Location: Ballroom CDE, 4th floor
Marci McCarthy
CEO and President of T.E.N.
CEO and Chairman of ISE® Talent
Biography
1:10 PM : Keynote Address
Location: Ballroom CDE, 4th floor
Dave McDermitt
VP and Chief Information Security Officer
Federal Reserve Bank of Atlanta
Atlanta, GA
ISE® Southeast Executive Award Winner 2014
Biography
You wanted a seat at the table… now what? > Download Presentation
As the role of CISO has continued to mature, the leaders selected for the role are being asked to advise on a wider range of topics that increasing involve understanding all manner of risk. Technology is inexorably embedded in every aspect of the business and in order to remain relevant we must be providing our business partners with the tools they need to understand risks they accept. We must enable the goals of the business and to help set an appropriate risk appetite that balances the business need with the security objective.
1:45 PM : Interactive Executive Roundtables
Location: Ballroom CDE, 4th floor
The Interactive Executive Roundtables brings together ISE® Nominees, industry leaders, invited guests, and sponsor delegates to meet each other and join in interactive discussions on key industry issues as well as share best practices. The interactive roundtable discussions are hosted by our ISE® Judges and Nominees.
Joe Bennett
CISO, VP of Enterprise IT and Information Security
YP
Tucker, GA
Biography
Real Life War Games: Avoiding the High-profile Mega Breach > Read Summary
In 1983, the idea of hacking into a computer system was science fiction, but today it is a terrifying – almost daily – reality. Most organizations underestimate their risk and vulnerability to cyber attacks, yet hacker activity is intensifying. More than 700 security breaches have been reported during 2014 alone, several of which have been high-profile, significant incidents compromising the private data of millions of people, costing millions of dollars, consuming excessive amounts of time to remediate and in some cases destroying careers. Now, large-scale breaches such as Sony, Target, P.F Chang’s, JPMorgan Chase and Home Depot are a weekly occurrence. With more incidents and more variation than ever before, the only question is – who will be next?
Pete Chronis
Chief Security Officer
EarthLink
Atlanta, GA
Biography
The New CISO: Agent of Change > Read Summary
CISOs need to be Agents of Change in order to lead successful information security programs. They are no longer just operating in the familiar technical spheres of influence. Now expected to be a business enabler, a CISO must lead efforts to build consensus for security as a priority in the enterprise by selling the Board, the C-suite and others on the benefits of a proactive approach. Despite driving a “Program of Change” CISOs often overlook the business marketing skills and activities that are essential when it comes to gaining budget and program approval. Today’s CISOs need to understand branding and establish a “go-to-market” plan in order to “sell” their Security Program.
Phil Agcaoili
VP, Chief Information Security Officer
Elavon, Inc.
ISE® Central Executive Award Winner 2009
ISE® of the Decade Southeast Award Winner 2012
Biography
Social Engineering: Can Organizations Win the Battle? > Read Summary
Gone are days of mass emails with misspelled messages. Criminals today are doing more reconnaissance than ever before – aided by social networks -- to craft targeted emails that trick people into opening malware-rigged attachments or divulging passwords and sensitive information. The threat is highly targeted and sophisticated and intended to cause strategic harm, financial loss, reputation damage and technical breaches. And it’s proving costlier than ever. With recent breaches, the imperative to counter social engineering takes on a whole new level of urgency. While some organizations develop employee-awareness training or solicit pen testing, or use some combination of the two, these preventive tactics can only go so far. Adopting a "know thy data" approach -- in terms of what it is, how valuable it is and where it is -- and then focusing on securing it may be the key to surviving the onslaught of attacks.
Ashley Ferguson
Manager, IT Risk Management
Energen Corporation
ISE® Southeast People's Choice Award Winner 2013
Biography
Cyber Threat Intelligence: A Gold Mine of Value > Read Summary
An intelligence capability empowers organizations to identify potential threats and vulnerabilities in order to minimize the ‘threat attack window‘ and limit the amount of time an adversary gains access to the network before they are discovered. Organizations that operate with an intelligence-led mindset understand that threat intelligence is the ‘mechanism’ that drives cyber security investment and operational risk management. The number of cyber threat intelligence providers continues to increase and the idea of threat intelligence is gaining widespread acceptance. While increased awareness of the cyber security threat is a positive trend, many organizations still need to put in place the fundamentals of intelligence management to gain real value from threat intelligence. This will be a crucial for instilling confidence in board members – and ensure that the organizations are equipped to leverage the gold mine of value that can be extracted from cyber threat intelligence.
2:45 PM : Break
2:55 PM : Nominee Showcase Presentation #1
Location: Ballroom CDE, 4th floor
Scott Frost
Chief Information Security Officer
Belk
Biography
Security Overhaul – Building a World Class, Multi-dimensional Protection Program
In recent years, several major U.S. retailers have been victim to megabreaches causing significant loss, interrupting business operations and causing immeasurable damage to brand reputation. This served as an impetus for Belk, the nation’s largest family-owned retailer, to launch a full scale, multi-dimensional project to protect its card processing system, network perimeter and significantly enhance the store’s controlled environment. The project, which spanned a six-month period, achieved PCI and SOX compliance, initiated board-level reporting and launched a security awareness campaign touching more than 20,000 employees. Learn how the security team at Belk was able to integrate and implement multiple solutions into a single, robust, rapidly deployed security project in order to significantly improve the company’s security environment and simultaneously instill security as an integral part of corporate culture.
3:15 PM: CISO Deep Dive: Executive Leadership
Location: Ballroom CDE, 4th floor
An industry cross section of ISE Alumni and leading security executives explore today’s hottest security trends and issues and the key challenges they are facing now and in the future.
Moderator
Pete Lindstrom
VP, Security Strategies
IDC
Biography
Panelists
Prentis Brooks
Head of Information Security
Lincare Holdings, Inc.
Biography
Kyle Duke
CIO
Tenn-Care
ISE® Southeast People's Choice Award Winner 2010
Biography
T.E.N. Success Story
Scott Frost
Chief Information Security Officer
Belk
Biography
Greg Schaffer
Vice President, Information Security Officer
FirstBank
Biography
4:00 PM : Nominee Showcase Presentation #2
Location: Ballroom CDE, 4th floor
Bob Quandt
Information Security Executive Director
Healthways
Biography
Ensuring Accountability through Project TAPOUT > Download Presentation
The Healthways security team needed a better way to hold various internal groups and third parties accountable for security protocol. Although the data was there, they struggled to find an external tool that made follow-up easy for users, while ensuring corrective response occurred within the required timeframe – a problem faced by many enterprise security organizations. The team instead collaborated to build an in-house web application and database to enhance a purchased solution that facilitated adequate documentation around vulnerability management and reduced the remediation time by greater than 200%. Learn how the team undertook this resourceful endeavor to improve communication, expedite patching efforts and more efficiently protect the critical information and assets of millions of users across the globe.
4:20 PM : Nominee Showcase Presentation #3
Location: Ballroom CDE, 4th floor
Pete Chronis
Chief Security Officer
EarthLink
Atlanta, GA
Biography
BotRadar – Invisible Protection from Malicious Attacks > Download Presentation
An increase in brute force password attacks and phishing attempts resulted in automated account lockouts for EarthLink employees and customers, placing unnecessary strain on call centers and causing negative user experiences. The security team sought to add an invisible layer of protection that would collect, analyze and take automated action on suspicious behaviors at great speed in order to protect users without impacting business operations. Implementing the three-phase, collaborative and cross-functional project, not only improved user experience, but also resulted in a 92% reduction in account lockouts and an 80% reduction of customer support calls saving nearly $200,000 annually. Learn how the team worked with multiple business units to modify and enhance home-grown technology that protects more than one million users by thwarting approximately 10 million new attacks every day.
4:45 PM: Late Afternoon Break
5:00 PM : VIP Reception (invitation only)
Location: East West Paces, 4th floor
ISE® Nominees, sponsors and special guests will have the opportunity to network in a private setting with beverages and appetizers.
6:00 PM : Sponsor Pavilion and Dinner Buffet
Location: Prefunction Grand Ballroom, 4th floor
Guests enjoy gourmet dinner while networking and meeting the sponsors. Honoring and celebrating the Award Nominees for 2014, this exciting occasion will bring together top security executives to recognize the individuals who have made significant and positive impact on their organizations through exemplary performance.
7:30 PM : ISE® Southeast Awards Gala
Location: Grand Ballroom AB, 4th floor
Honoring and celebrating the ISE® Southeast Award Nominees, this exciting occasion will bring together top security executives to recognize the individuals and the project teams who have made significant and positive impact on their organizations through exemplary performance. Don't miss the Passport for Prizes drawing and a chance to win outstanding gifts from our ISE® sponsors.
9:00 PM : Champagne & Dessert Reception
Location: Prefunction Grand Ballroom, 4th floor
Enjoy champagne and dessert while celebrating the winners, nominees and project teams.