Cybersecurity: Crucial Collaborations

Transcription

1 assazzz

2 Cybersecurity: Crucial Collaborations Day One Thursday, January 18, 2018 Registration and Continental Breakfast: : 8 8:30 am Opening Remarks 8:30 8:40 am 8:40 9:40 am The Next Wave:The Fully Engaged Board and the Quantification of Cybersecurity Value True organization-wide, cross-functional cybersecurity strategy requires a fully engaged board and leadership that can quantify the return on cybersecurity investments. Understand the latest developments on both fronts and how to bring them to your organization. Larry Clinton, President and Chief Executive Officer, Internet Security Alliance 9:40 10:50 am The Cross-Functional Challenge of Measuring Risk Appetite Measuring, and making decisions based on, cyber risk appetite poses unique challenges in assessing and communicating constantly-evolving threats. Gain insights on the collaborations and communications required to fully integrate cybersecurity into risk management. G. Sonny Cave, EVP, General Counsel, Chief Compliance & Ethics Officer, Chief Risk Officer and Corporate Secretary, ON Semiconductor Talvis Love, SVP ecommerce, Enterprise Architecture & Chief Information Security Officer, Cardinal Health Morning Networking Break: 10:50 11:05 am 11:05 am 12:20 pm Scenario 1: Third Party Risk and IP Under Attack In interactive role-playing exercises conducted over the two days of the conference, attendees will work through security, privacy, legal, communications, and other business decision points arising from cyber-attack scenarios, and learn from cybersecurity leaders across functions. Our first scenario explores choices around third party risk and defense of intellectual property and trade secrets. Pamela Passman, President and CEO, Center for Responsible Enterprise and Trade (CREATe.org) Craig Moss, Chief Operating Officer, Center for Responsible Enterprise and Trade (CREATe.org) 12:20 1:00 pm Insiders and Immune Systems: When Rules and Signatures Don t Work Rules and signatures struggle to keep pace with rapidly evolving cyber attacks. From insiders to sophisticated external attackers, the reality of cyber security often is that the threat is already inside. Specialists from the University of Cambridge developed a new approach to such threats, using unsupervised machine learning and probabilistic mathematics to establish an accurate understanding of normal behavior in an organization, across every network, device, and user; it spots abnormal activity as it emerges, and takes action to curb the threat. In this session, see real-world examples of unknown threats detected and contained through this technology, and explore its relevance to resource allocation and mitigation of risk. Brad Hong, Cyber Security Regional Manager, Darktrace Dan Fein, Senior Cyber Technology Lead, Darktrace Lunch: 1:00 2:00 pm 2:00 pm 2:45 pm Case Study: How Microsoft Transformed its Cyber Security Governance Explore the reasons behind, the process of, and the results emerging from Microsoft s transformation of its cyber security governance. Lisa Reshaur, Ph.D., Senior Director, Governance, Risk, Continuity and Compliance, Digital Security and Risk Engineering, Microsoft 2:45 3:30 pm The Cybersecurity-Privacy Partnership As cyberatacks lead to ever-larger breaches of private data, the missions of privacy and cybersecurity become increasingly interconnected. Yet the language, metrics and goals of each function may not always align. Explore actionable strategies for robust, effective collaborations that advance critical cybersecurity and privacy goals. Lydia Payne Johnson, Chief Privacy Officer, Freddie Mac Afternoon Networking Break: 3:30-3:45 pm 3:45 4:30 pm Transcending Silos with a Compliance Framework Learn how to use a compliance framework to break through silos around cybersecurity, privacy, and ethics and compliance, coordinating not only on response but on training and defense. Paul Flanagan, Assistant Professor, Drexel University Thomas R. Kline School of Law; Former Executive Director of Compliance and Privacy Services, Drexel University For sponsorship opportunities, please contact michael.felden@conferenceboard.org

3 4:30-5:15 pm Conference Board Research: Digital Transformation and Evaporating Boundaries In this interactive session, attendees will build from the Conference Board research study, Driving Digital Transformation: Why Culture and Structure Matter to explore the particular security challenges and opportunities raised by the push to facilitate open-source, boundary-defying collaborations among internal and external stakeholders. Mary Young, Principal Researcher, The Conference Board Closing Remarks: 5:15-5:25 pm Day Two Friday, January 19, 2018 Continental Breakfast: 8:00 8:30 am Opening Remarks: 8:30 8:40 am 8:40 10:00 am Scenario 2: Ransomware In our Day 2 interactive role-playing exercise, we explore who is part of the decision-making and response, before, during and after a ransomware attack. Robert Clyde, Vice Chair, Board of Directors, ISACA 10:00 10:45 am How Your Business Becomes Russia s Business: Understanding the Players, Methods and Motives behind Russian Cyberattacks Russian political cyber- and information warfare have captured the headlines, but they are one part of a larger cybercriminal enterprise against which your organization is likely to be vulnerable. Understanding their capabilities and methods provides special insights into current threats and how to defend against them. Ambassador David J. Smith, Professor of Cybersecurity Policy, Utica College Dr. Khatuna Mshvidobadze, Adjunct Professor of Cybersecurity, Utica College Morning Networking Break: 10:45-11:00 am 11:00 11:45 am The Battle for Cybersecurity Talent: Creative and Collaborative Solutions Research indicates that the challenges of recruiting cybersecurity talent are only going to intensify in the near term. Are there alternatives to fighting over a too-small talent pool? Learn of new initiatives and creative, actionable solutions to bolster your organization s cybersecurity talent. Robert Clyde, Vice Chair, Board of Directors, ISACA 11:45 12:30 pm Case Study: Public-Private Partnerships in IoT Innovation Learn how BD manages and benefits from a network of partnerships with the FDA, DHS, and the security research community in the development of innovative and secure IoT devices. Edison Alvarez, Sr. Manager, Product Security Engineering, BD Lunch: 12:30 1:30 pm 1:30 2:30 pm Strengthening Lines of Communication: Information Sharing among Business, Government, and Academia Cybersecurity leaders from the private sector, public sector, and academia discuss why and how to enhance information sharing on cyber threats. Moderator: Jason Healey, Senior Research Scholar, School for International and Public Affairs, Columbia University; Senior Fellow, Cyber Statecraft Initiative of the Atlantic Council Panelists: Anthony Ferrante, Former Director for Cyber Incident Response & Cybersecurity Policy, National Security Council D. Frank Hsu, Clavius Distinguished Professor of Science, Dept. of Computer and Information Science, Fordham University Talvis Love, SVP ecommerce, Enterprise Architecture & Chief Information Security Officer, Cardinal Health Lydia Payne Johnson, Chief Privacy Officer, Freddie Mac 2:30 3:15 pm Building a More Defensible Cyberspace: The New York Cyber Task Force Report How can cyberspace be made more defensible without sacrificing the utility, flexibility, and convenience that has made the Internet so essential? The members of the NY Cyber Task Force sought to address this question with a focus on leverage: those innovations across technology, operations, and policy which grant the greatest defender advantage at the least cost and greatest scale. The resulting report, drawing from a wide range of sectors and based on lessons from five decades of past efforts, brings new insights, particularly on the importance of operational innovations such as information sharing and organizational structures.

4 Learn how to take advantage of these findings in your organization. Jason Healey, Senior Research Scholar, School for International and Public Affairs, Columbia University; Senior Fellow, Cyber Statecraft Initiative of the Atlantic Council Afternoon Networking Break: 3:15 3:45 pm 3:45 4:30 pm The Human-Centric Future of Cybersecurity Learn how behavior-based security - an approach that sees the human factor as a design imperative instead of a necessary evil - is changing the future of cybersecurity. Jim Routh, Chief Security Officer, Aetna Closing Remarks: 4:30 4:45 pm For sponsorship opportunities, please contact michael.felden@conferenceboard.org

5 REGISTRATION INFORMATION Online Phone :30 am 5:30 pm ET, Monday Friday Seminar Pricing: Members $1,795 Non Members $1,995 Fees do not include hotel accommodations. Location The Conference Board Conference Center 845 Third Avenue (Between 51st and 52nd), 3rd Floor New York, NY Customer Service: Cancellation Policy Full refund until three weeks before the meeting. $500 administration fee up to two weeks before the meeting. No refund after two weeks before the meeting. Confirmed registrants who fail to attend and do not cancel prior to the meeting will be charged the entire registration fee. Team Discounts per Person For a team of three or more registering from the same company at the same time, take $300 off each person s registration. One discount per registration. Multiple discounts may not be combined The Conference Board, Inc. All rights reserved. Program subject to change. January 2018