ISE® Northeast Schedule of Events 2015

ISE® Northeast Private Welcome Dinner

October 7, 2015
5:30pm - 8:30pm
Lattanzi
361 W 46th St.
New York, NY
To register, please contact Deb Jones.
Jay Wright

Jay Wright
Information Security Officer
Citigroup Inc.
Biography

Closing the Security Intelligence Gap – Integrating Identity, Access and Security Management
Your data is valuable and there’s a good chance that someone is actively working to get it. For today’s hackers, successful infiltration to sensitive systems and information is often achieved by gaining the credentials of privileged users with elevated access rights. Traditional security solutions are no longer enough to spot this attack method. Closing the gap requires a new approach---integrating security monitoring with identity and access management. Applying identity-based context and user access behavior into your security monitoring efforts are imperative to discovering the true, actionable security intelligence required for your team to disrupt an attack before it can cause damage and expedite incident response. Join our conversation for a deep dive into identity, access and security management and learn more about the tools and strategies your team needs to recognize potential attacks faster and keep your most sensitive information assets safe.

October 8, 2015

10:00am: Registration

Location: Pre-function area of Ambassador Ballroom, 2nd floor

11:30 AM : ISE® Signature Luncheon *Invitation Only

Location: Ambassador 2, 2nd floor

Sponsored by

Security Scorecard

Frank Roppelt

Frank Roppelt
Managing Director, Global Head of Vendor Risk Management
BNY Mellon
Biography

The Evolving Challenge of Third Party Security Risk Management Industry experts estimate that third-party security breaches are growing at an astounding rate, leading many to believe that a firm’s level of cybersecurity is only as good as the security of its vendors. To be successful, CISOs must work with, not against, partners to effectively remediate immediate threats and lower collective security risk. Join our conversation to discuss how to better protect your organization from third party threats by adding continuous monitoring to your arsenal and adopting practices for collaborative intervention and remediation.

1:00 PM : Welcoming Remarks and Introductions

Location: Ambassador 3, 2nd Floor
Marci McCarthy

Marci McCarthy
CEO and President of T.E.N.
CEO and Chairman of ISE® Talent
Biography

1:10 PM : Keynote Address

Location: Ambassador 3, 2nd Floor
John Schramm

John Schramm
CISO
Manulife
Biography

Information Risk in the Boardroom: How to get comfortable outside your comfort zone
As the profile of information risks such as cyber security, access management and business resiliency increase at companies so does the organizational profile of the CISO role in corporate governance. This constant and rapid evolution of the role has stretched the capabilities of many CISO’s as the role continues to grow and expand into the boardroom. I’ll share my views on where we have come from, the challenges we currently face in being effective with our boards and where we may be going in the future.

1:45 PM : Interactive Executive Roundtables

Location: Ambassador 3, 2nd Floor

The Interactive Executive Roundtables brings together ISE® Nominees, industry leaders, invited guests, and sponsor delegates to meet each other and join in interactive discussions on key industry issues as well as share best practices.  The interactive roundtable discussions are hosted by our ISE® Judges and Nominees.

HP
Joseph Zingalis

Joseph Zingalis
International Information Security – Canada & LatAm
Wells Fargo & Company
Biography

Securing Your Data across Channels: Strategies for Outpacing Zero Day Threats and Sophisticated Hackers

Mobile, social and cloud technologies enable an organization’s efficiency and productivity, and can often provide competitive and brand differentiation. However, the widespread adoption of these services often results in an environment where free-flowing data quickly outpaces an organization’s ability to proactively defend against imminent and emerging security threats. All companies with valuable IP should assume both zero day threats and sophisticated hackers are targeting them. Mobile, social and cloud technologies drive productivity. But they also open the door to data theft and advanced attacks that can slip right by anti-virus, URL filtering and firewall defenses. A continued focus on siloed controls is insufficient for today’s threats as attacks are highly advanced, well-funded and persistently targeting enterprise environments.

Larry Wilson

Larry Wilson
Chief Information Security Officer
University of Massachusetts
Biography

Security vs Risk vs Privacy: Who Leads the Charge?

As the field of security has evolved, so has the role of the Chief Information Security Officer, but debates are heated regarding exactly what responsibilities this title-bearer should assume. Although the classic model calls for a CISO with a strong technical background to manage enterprise level security efforts, many global organizations have shifted from a focus on information security programs to a holistic risk management approach, which calls for a more business savvy CISO. Others have found combining their privacy and security teams under single leadership can help to manage risk. Others still see security, risk and privacy as vital roles that merit their own c-suite members. What’s the best model? Join our conversation to debate the merits for the CISO as a risk and privacy officer and share your insight about the evolution of the CISO role.

Mike Towers

Mike Towers
Executive Information Security Officer
Actavis, Inc.

Defending Against Advanced Threats in an Ever-evolving Threat Landscape

The cyberspace environment is extremely dynamic and unfortunately, new vulnerabilities and threats emerge on a daily basis. Security leaders must develop and employ various offensive and defensive strategies to defend the enterprise and minimize risks at an acceptable cost. Join our discussion to learn how your peers are addressing advanced threats from internal, external and global sources, and share your own insights on protecting your enterprise in the evolving threat landscape.

Todd Bearman

Todd Bearman
Chief Information Security Officer
Tower Watson
Biography

The Growing Complexity of IT Security: How Do We Manage?

IT Security is undoubtedly a cat and mouse game. As technology threats grow in complexity, security leaders work tirelessly to develop new methods for identifying and thwarting attacks. But the fact remains— there is no such thing as absolute security. In the future, IT-dependent societies must be capable of withstanding an attack, or surviving an attack and recovering, without the descent into chaos. Join us to take a deep dive into the concept of developing and maintaining resilience as a central focus for your contemporary security strategy.

2:45 PM : Break

3:00pm : Registration

Location: Pre-Function area of New York Atrium, 9th floor

2:55 PM : Nominee Showcase Presentation #1

Location: Ambassador 3, 2nd Floor
Chuck Hudson

Charles Hudson
Executive Director, Security Strategy and Architecture
Comcast Corporation
ISE® Northeast People's Choice Award Winner 2014
ISE® Northeast Executive Award Finalist 2014
ISE® North America Executive Award Finalist 2014 - Commercial Category

Biography

Through the Vendor Risk Looking Glass
Untethered vendor access is an increased security and business risk for many companies due to lack of visibility and control over vendors with access to critical infrastructure. To help remedy this significant security issue, the team at Comcast developed a program that would allow them to integrate vendor external profiles and internal vendor resource activities to provide a 360° single pane of glass view for its IIS, GRC Leadership and SOC teams. The Comcast 360 Vendor Risk Assurance Program The program provides a holistic defense against the targeted attacks leveraging the vendor as a threat vector. Learn how the Comcast team was able to maximize organizational efficiencies and improve the timely responsiveness of its security teams and vendor groups to drive successful vendor risk management.

3:15 PM: CISO Deep Dive: Executive Leadership

Location: Ambassador 3, 2nd Floor

An industry cross section of ISE Alumni and leading security executives explore today’s hottest security trends and issues and the key challenges they are facing now and in the future.

Moderator

Pete Lindstrom

Pete Lindstrom
Research Director Security Products
IDC
Biography

Panelists

Linda Cooper Angles
CISO
FXall, A Thomson Reuters Company (a platform for trading on foreign exchanges)
Biography

David Cass

David Cass
CISO
Fortune 50 Company
Biography

John Masserini
Chief Security Officer
MIAX Options
Biography

Jay Wright
Information Security Officer
Citigroup Inc.
Biography

4:00 PM : Nominee Showcase Presentation #2

Location: Ambassador 3, 2nd Floor
Dan Solero

Dan Solero
Executive Director, Tech Security
AT&T
Biography

Redefining Cloud-based Security
It’s no secret that traditional perimeter-based security models cannot adequately protect your enterprise in today’s threat landscape. With this in mind, the team at AT&T set out to develop a solution that could deliver an API-based architecture, which could decouple hardware and software components of network security devices to provide security software as a service, built within a distributed cloud environment, and integrated within the cloud provisioning process. Their Astra ecosystem is comprised of software-enabling virtual security services delivered via APIs, creating micro-perimeters of protection around applications based on automated intelligent provisioning. The technology also consumes threat intelligence and security event analysis via API, which enables the team to identify and mitigate events that previously had no solution. Learn how the AT&T team was able to redefine security in the cloud with their pioneer approach to application protection.

4:20 PM : Nominee Showcase Presentation #3

Location: Ambassador 3, 2nd Floor
Bill Sztabnik Bill Sztabnik
Director, Security Engineering
Citi
Biography

Dissolving Divestiture Discord
Divestitures create an inherent conflict of interest between the buyer and the seller. Understandably, the buyer wants immediate control of their newly acquired assets while the seller wants to ensure that the buyer does not get access to their own core non-divested data or intellectual property. Additionally, the seller wants to complete the transition securely and reduce all potential avenues of data loss. In order to ease this transition for both parties, Citi developed their Advanced Third Party Management system to provide a consistent and systematic methodology to separate these divested IT assets and workers using a repeatable framework that reduces the information security risk to Citi. Learn how the Citi team, has made significant advances in securing this special niche area within the InfoSec world and successfully implement the solution across multiple countries in multiple geographic regions.

4:45 PM: Late Afternoon Break

5:00 PM : VIP Reception (invitation only)

Location: Pearl, 9th Floor

ISE® Nominees, sponsors and special guests will have the opportunity to network in a private setting with beverages and appetizers.

6:00 PM : Sponsor Pavilion and Dinner Buffet

Location: New York Atrium, 9th floor

Guests enjoy gourmet dinner while networking and meeting the sponsors. Honoring and celebrating the award nominees for 2015, this exciting occasion will bring together top security executives to recognize the individuals who have made significant and positive impact on their organizations through exemplary performance.

7:30 PM : ISE® Northeast Awards Gala

Location: Majestic Ballroom, 5th floor

Honoring and celebrating the ISE® Northeast Award Nominees, this exciting occasion will bring together top security executives to recognize the individuals and the project teams who have made significant and positive impact on their organizations through exemplary performance.

9:00 PM : Champagne and Dessert Reception

Location: Majestic Foyer, 5th floor

Enjoy champagne and dessert while celebrating the winners, nominees and project teams. Don't miss the Passport for Prizes drawing and a chance to win outstanding gifts from our ISE® sponsors.