Wednesday, May 16, 2018
11:00 AM - 3:00 PM: Registration
Fort Worth Foyer
11:30 AM : ISE® Signature Luncheon *Invitation Only
Location: Fort Worth 1 – 3rd Floor
Cyber Trends in National Security
Patrick Gaul
Executive Director
National Technology Security Coalition (NTSC)
Biography
Over the last year, there has been a lot of discussion on how the federal government will shape its cyber defenses. As national security and cybersecurity have become increasingly more intertwined, we as a nation have reached a pivotal point when it comes to an increased need for better approaches for defending ourselves against cyberattacks. Additionally, with national defense and private sector cybersecurity tied together more than ever before, CISOs desire more dialogue with the federal government about what a productive cybersecurity partnership looks like. Join Patrick Gaul, Executive Director, National Technology Security Coalition (NTSC) as he discusses the importance of fostering dialogue between government and CISOs in the private sector and how the two can come together to better defend critical U.S. infrastructure from cyberattacks.
12:50 PM : Welcoming Remarks and Introductions
Location: Fort Worth 2 – 3rd Floor
Marci McCarthy
CEO and President of T.E.N.
CEO and Chairman of ISE® Talent
Biography
T.E.N.'s CEO & President will welcome guests, provide an overview of the program agenda and event purpose, and introduce the speakers and sponsors of the ISE® Northeast Executive Forum and Awards 2018.
1:10 PM : Keynote Address
Location: Fort Worth 2 – 3rd Floor
Passing the Baton – The Role of CISOs as Cybersecurity Culture Creators
Nicole Darden Ford
Vice President, IT – Global Information Security & Chief Information Security Officer
Baxter International
ISE® Central Executive Award Finalist 2018
Biography
Like the starting runner in a race, the CISO sets the pace for greater security awareness across the organization. Time is of the essence to run ahead of cyberthreats. The CISO’s role is to ensure cybersecurity is embedded across the organization. The CISO’s leadership – endurance training, knowledge and experience – will help engage and motivate every team member to play their part. Learn what the CISO role can do to make cybersecurity a global effort and create a true cybersecurity culture.
1:45 PM : Interactive Executive Roundtables
Location: Fort Worth 2 – 3rd Floor
The Interactive Executive Roundtables brings together ISE® Nominees, industry leaders, invited guests, and sponsor delegates to meet each other and join in interactive discussions on key industry issues as well as share best practices. The interactive roundtable discussions are hosted by our distinguished ISE® Alumni who are leading CISOs and Information Security Executives.
Evolving the SOC through Security Orchestration
Sponsored by:
Sandy Figurski
SVP and Chief Information Officer
Horace Mann
Biography
Security teams not only face an ever-expanding threat landscape, but they also contend with a variety of operational challenges. Proliferation of disparate security tools. Staffing shortages. Lack of documented, repeatable processes. The result is that nearly half of daily security alerts go uninvestigated. Security orchestration platforms can act as the catalyst for significant improvement in day-to-day security operations and in creating internal consistency between NOCs and SOCs. Because of the centralized approach and consolidated view security orchestration solutions deliver, security teams are enabled to become more efficient and effective while using fewer interfaces, improving reporting and executing highly consistent, repeatable processes.
Gone Phishing: Securing the Enterprise from Social Engineering Attacks
Kevin Dunn
Chief Information Officer / Chief Information Security Officer
U.S. Retirement and Benefits Partners
Biography
Social media, a digital medium that is rooted in sharing personal and professional data, continues to be a favorite target for cyber-criminals because it offers a virtual treasure trove of readily accessible information. The very nature of how information is shared via social media goes against many longstanding core information security principals. Businesses of all shapes and sizes can be targets of social media engineering and phishing attacks. While phishing itself is an incredibly well-known attack technique, it still continues to be a major security issues for many organizations. Symantec’s 2017 Internet Security Threat Report found that Business Email Compromise (BEC) scams, relying on spear-phishing emails, targeted over 400 businesses every day, draining $3 billion over the last three years. While it’s critical for security teams to keep up to date on current social engineering and phishing attacks, what else needs to be done to ensure the enterprise at large is aware of the dangers and pitfalls of these kinds of attacks?
Outsourcing Cybercrime: Combatting Ransomware as a Service
Alex Nehlebaeff
Corporate Information Security Manager/CISO
Harley-Davidson Financial Services, Inc.
Biography
Ransomware is certainly nothing new in the cybersecurity business, with the first instances having appeared more than a decade ago. However, this old threat has undergone some deadly changes over the last few years. The rise of the Ransomware as a Service (RaaS) distribution model gives would-be cybercriminals the means to launch a cyber-extortion business with virtually no technical expertise required, flooding the market with new ransomware strains in the process. 2017 saw an influx of potent and damaging RaaS attacks like Petya and WannaCry, both of which showed the attack model’s devastating potential to spread quickly and cause serious damage. As the use of RaaS continues to grow, Information Security executives and their security teams need to take new precautions in order to combat this new form of a familiar threat.
The Increasing Impact of Insider Threats
Van Nguyen
Director, Information Security
Federal Reserve System
Insider threats continue to be one of the top cyber security threats and have proven that they are a force to be reckoned with. According to a 2017 Insider Threat Report, 53% of companies estimate remediation costs of $100,000 and more, with 12% estimating a cost of more than $1 million. The same report suggests that 74% of companies feel that they are vulnerable to insider threats, with 7% reporting extreme vulnerability. Every company will face an insider-related breach sooner or later regardless of whether it will be caused by a malicious action or an honest mistake. As costs related to insider threats continue to grow, what can Information Security Executives and their security teams do to combat this all too familiar foe?
2:45 PM : Break
2:55 PM : ISE® Central Nominee Showcase Presentation #1
Location: Fort Worth 2 – 3rd Floor
Championing Security Across the Organization
Ricardo Lafosse
Chief Information Security Officer
The Kraft Heinz Company
ISE® Central Executive of the Year Award Winner 2019
ISE® North America Executive: Financial Award Finalist 2019
Biography
In an effort to ensure the timely mitigation of identified vulnerabilities in an agile method, the team at Morningstar created the Morningstar Security Champion Program. This grass roots program was developed to assign individuals in product team resources to provide direct security oversight, security guidance, and acting as a channel to escalate security issues directly with the Application Security team. Through the program the team has been able effectively tackle an ever-evolving issue across all organizations: motivating individuals to believe in and foster security initiatives. Join our conversation to learn how this program became the core component that fuels Morningstar’s internal metrics program and gamifies the reduction of vulnerabilities across their organization.
3:00 PM - 8:00 PM : Registration
San Antonio Prefunction, 4th floor
3:15 PM: Information Security Executive® Deep Dive Panel
Location: Fort Worth 2 – 3rd Floor
An industry cross section of ISE Alumni and leading security executives explore today’s hottest security trends and issues and the key challenges they are facing now and in the future.
Moderator
Shamoun Siddiqui
VP, CISO
Neiman Marcus
Biography
Panelists
Michael Oberlaender
CISO & VP
Tailored Brands
Biography
Robert Pace
VP, Information Security & CISO
Invitation Homes
ISE® West Executive Award Finalist 2022
Biography
Duaine Styles
SVP, Chief Security Officer
Torchmark Corporation
Biography
4:00 PM : ISE® Central Nominee Showcase Presentation #2
Location: Fort Worth 2 – 3rd Floor
Faster, Efficient, and More Secure with Cloud
Mike Madero
VP, Information Security
Mr. Cooper
Biography
HMS felt it was imperative that they look for new and efficient ways to meet market demand by leveraging a cloud-first adoption strategy. The objective of their Secure Cloud Infrastructure project was to create an environment that could support highly sensitive data and meet HMS' high security standards while complying with government and commercial compliance frameworks. The successful implementation of this project has allowed them to make fast and consistent application deployments that leverage cross-platform single sign-on technology. Join our conversation as the HMS team shares how they were able to take advantage of faster development and deployment patterns without giving up the visibility required to deliver on their regulatory and contractual security obligations.
4:20 PM : ISE® Central Nominee Showcase Presentation #3
Location: Fort Worth 2 – 3rd Floor
A Three Phase Approach to Improving 3rd Party Risk Management
Kristin Hoppe
SR. Application Analyst/Programmer
Parkland Health & Hospital System
Kai Kert
IT Security Architect Manager
Parkland Health & Hospital System
Parkland Health & Hospital System contracts with more than 248 vendors for on-site, hosted and hybrid cloud solutions. To ensure adequate security controls are in place and risk is properly documented and managed, the Parkland team developed a 3-phase risk analysis approach to vetting, approving and managing vendors before and after the onboarding of new IT solutions. Join our conversation as the Parkland Team shares how they were able to improve their security posture and awareness of security requirements across projects, as well as reduce vendor risk exposure.
4:45 PM: Late Afternoon Break
5:00 PM : ISE® VIP Reception (invitation only)
Location: Fort Worth 1 – 3rd Floor
ISE® Nominees, sponsors and special guests will have the opportunity to network in a private setting with beverages and appetizers.
6:00 PM : Sponsor Pavilion and Dinner Buffet
Location: San Antonio Prefunction – 4th Floor
Guests enjoy gourmet dinner while networking and meeting the sponsors. Honoring and celebrating the award nominees, this exciting occasion will bring together top security executives to recognize the individuals who have made significant and positive impact on their organizations through exemplary performance.
7:30 PM : Sponsor Tear Down
Location: San Antonio Prefunction – 4th Floor
7:45 PM : ISE® Central Awards Gala
Location: San Antonio Ballroom – 4th Floor
Honoring and celebrating the ISE® Central Award Nominees, this exciting occasion will bring together top security executives to recognize the individuals and the project teams who have made significant and positive impact on their organizations through exemplary performance. Don't miss the Passport for Prizes drawing and a chance to win outstanding gifts from our ISE® Sponsors.
James Carpenter
CISO, CTO
Texas Scottish Rite Hospital for Children
ISE® Central People's Choice Award Winner 2009
Biography
Adam Maslow
Vice President IT Security and Infrastructure, Fry Cook & Cashier
Raising Cane's
9:00 PM : Champagne and Dessert Reception
Location: San Antonio Ballroom – 4th Floor
Enjoy champagne and dessert while celebrating the winners, nominees and project teams.