Vince Arneja Arxan Technologies

Similar documents
Vice President and Chief Information Security Officer FINRA Technology, Cyber & Information Security

Cybersecurity Guidance for Small Firms Thursday, November 8 9:00 a.m. 10:00 a.m.

Operations & Technology Seminar. Tuesday, November 8, 2016 Crowne Plaza Monroe, Monroe Township, NJ

Greg Garcia President, Garcia Cyber Partners Former Assistant Secretary for Cyber Security and Communications, U.S. Department of Homeland Security

CYBER FRAUD & DATA BREACHES 16 CPE s May 16-17, 2018

Introducing Maryville University s CYBER SECURITY ONLINE PROGRAMS. Bachelor of Science in Cyber Security & Master of Science in Cyber Security

GEORGIA CYBERSECURITY WORKFORCE ACADEMY. NASCIO 2018 State IT Recognition Awards

Today s cyber threat landscape is evolving at a rate that is extremely aggressive,

Global Security Consulting Services, compliancy and risk asessment services

December 10, Statement of the Securities Industry and Financial Markets Association. Senate Committee on Banking, Housing, and Urban Development

January Disrupting the B2B. Cyber Security Market WHITEHAWK, Inc. All Rights Reserved Empowering a Fearless Internet

How NSFOCUS Protected the G20 Summit. Guy Rosefelt on the Strategy, Staff and Tools Needed to Ensure Cybersecurity

CYBER SOLUTIONS & THREAT INTELLIGENCE

CYBERSECURITY. The Intersection of Policy and Technology YOU RE HERE TO MAKE A DIFFERENCE ṢM

Cyber Security Strategy

CYBERSECURITY HOW IT IS TRANSFORMING THE IT ASSURANCE FIELD

CyberSecurity Training and Capacity Building: A Starting Point for Collaboration and Partnerships. from the most trusted name in information security

Impact of Enterprise Security Risk Assessments on Integrators & Manufacturers. J. Kelly Stewart Steve Oplinger James Marcella

UNITED STATES OF AMERICA BEFORE THE FEDERAL COMMUNICATIONS COMMISSION WASHINGTON, DC 20554

Solutions Technology, Inc. (STI) Corporate Capability Brief

Cybersecurity & Privacy Enhancements

Department of Management Services REQUEST FOR INFORMATION

SYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security

Cybersecurity. Securely enabling transformation and change

IT SECURITY OFFICER. Department: Information Technology. Pay Range: Professional 18

Protecting your data. EY s approach to data privacy and information security

SPECIALIST CYBER SECURITY SERVICES & CYBER VULNERABILITY HEALTH CHECK FOR SMALLER COMPANIES

Cyber Intelligence Professional Certificate Program Booz Allen Hamilton 2-Day Seminar Agenda September 2016

Cybersecurity Overview

Technical Conference on Critical Infrastructure Protection Supply Chain Risk Management

Investigating Insider Threats

Incentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO

CCISO Blueprint v1. EC-Council

Steps to Take Now to be Ready if Your Organization is Breached Thursday, February 22 2:30 p.m. 3:30 p.m.

Moderator: Tino Mantella President, Tier4 Advisors

locuz.com SOC Services

TRAINING WEEK COURSE OUTLINE May RADISSON HOTEL TRINIDAD Port of Spain, Trinidad, W.I.

Effective Practices for Insider Threats and Third-Party Risk Management Thursday, February 22 10:00 a.m. 11:00 a.m.

ISACA MOSCOW CHAPTER Chapter meeting 22 September 2016

M.S. IN INFORMATION ASSURANCE MAJOR: CYBERSECURITY. Graduate Program

Cyber Security and Cyber Fraud

Are we breached? Deloitte's Cyber Threat Hunting

Statement for the Record

NATIONAL DEFENSE INDUSTRIAL ASSOCIATION Homeland Security Symposium

Securing the Internet of Things (IoT) at the U.S. Department of Veterans Affairs

How Secure is Blockchain? June 6 th, 2017

Cybersecurity: Ongoing Challenges and Increasing Threats (Medium and Large Firm Focus) Wednesday, May 25 10:00 a.m. 11:00 a.m.

RIMS Perk Session Protecting the Crown Jewels A Risk Manager's guide to cyber security March 18, 2015

NEXT GENERATION ENCRYPTION AND KEY MANAGEMENT MEDIA OVERVIEW

Sage Data Security Services Directory

Ben Eu. Summary. Experience. Associate Partner, Infrastructure & Endpoint Security at IBM

Les joies et les peines de la transformation numérique

DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE

Cyber Security Incident Response Fighting Fire with Fire

Strengthening Capacity in Cyber Talent sans.org/cybertalent

Building the Cybersecurity Workforce. November 2017

Keeping Your SOCs Full. May 26, Strengthening Capacity in Cyber Talent sans.org/cybertalent

Standing Together for Financial Industry Resilience Quantum Dawn IV after-action report June 2018

Bringing cyber to the Board of Directors & C-level and keeping it there. Dirk Lybaert, Proximus September 9 th 2016

Chief Compliance Officer s (CCO s) Role in Cybersecurity Thursday, February 22 10:00 a.m. 11:00 a.m.

Business continuity management and cyber resiliency

Fundamentals of Cybersecurity Controls Thursday, February 11 10:00 a.m. 11:00 a.m.

Cyber Crime Seminar 8 December 2015

White Paper. View cyber and mission-critical data in one dashboard

GDPR Update and ENISA guidelines

Plenary Session: Branch Cybersecurity Controls Thursday, February 22 1:15 p.m. 2:15 p.m.

Jeff Wilbur VP Marketing Iconix

Copyright 2016 EMC Corporation. All rights reserved.

Department of Homeland Security Updates

Risk Advisory Academy Training Brochure

Anatomy of a Data Breach: A Practical Guide for Small Law Departments

Testimony. Christopher Krebs Director Cybersecurity and Infrastructure Security Agency U.S. Department of Homeland Security FOR A HEARING ON

Institute of Internal Auditors 2019 CONNECT WITH THE IIA CHICAGO #IIACHI

The Honest Advantage

CYBERSECURITY AND THE MIDDLE MARKET

CLOUD RISK AND GOVERNANCE Professional services for the enterprise

Defending Our Digital Density.

Evolving the Security Strategy for Growth. Eric Schlesinger Global Director and CISO Polaris Alpha

Written Statement of. Timothy J. Scott Chief Security Officer The Dow Chemical Company

Investor Presentation CAT, INC. Ground Breaking Cyber Security Solutions. Cyber Attack: A Global Phenomenon

Cyber Security: It s all about TRUST

Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure

ISACA GEEK WEEK SECURITY MANAGEMENT TO ENTERPRISE RISK MANAGEMENT USING THE ISO FRAMEWORK AUGUST 19, 2015

Driving Global Resilience

STRENGTHENING THE CYBERSECURITY OF FEDERAL NETWORKS AND CRITICAL INFRASTRUCTURE

Advanced Cyber Risk Management Threat Modeling & Cyber Wargaming April 23, 2018

2016 Nationwide Cyber Security Review: Summary Report. Nationwide Cyber Security Review: Summary Report

PREPARE FOR TAKE OFF. Accelerate your organisation s journey to the Cloud.

Changing the Game: An HPR Approach to Cyber CRM007

National Policy and Guiding Principles

Digital Forensics. Graduate Certificate

CITY OF MONTEBELLO SYSTEMS MANAGER

Sirius Security Overview

Security by Default: Enabling Transformation Through Cyber Resilience

Cybersecurity and the Board of Directors

Cybersecurity: Considerations for Internal Audit. Gina Gondron Senior Manager Frazier & Deeter Geek Week August 10, 2016

BHConsulting. Your trusted cybersecurity partner

Combating Cyber Risk in the Supply Chain

The Integrated Auditor: Becoming the Go-to Resource Your Company Needs APRIL 24, 2018

Accelerate Your Enterprise Private Cloud Initiative

Transcription:

Valerie Abend Senior Critical Infrastructure Officer Office of Comptroller of the Currency (OOC) Regulatory Impact on Outsourcing and 3rd Party Risk Management Valerie Abend is the Senior Critical Infrastructure Officer for the Office of the Comptroller of the Currency (OCC). She has over 20 years of public and private sector experience. Prior to coming to the OCC Valerie was a Managing Director with BNY Mellon where she started as the Head of Global Business Partners for Information Risk Management and later was appointed to be the Corporate Senior Information Risk Officer for BNY Mellon s largest line of business - Asset Servicing. Prior to joining BNY Mellon, Valerie was an official with the Federal Reserve Board, and was appointed by the President as Deputy Assistant Secretary for Critical Infrastructure Protection and Compliance Policy at the U.S. Department of the Treasury. While at the Treasury, she led the sector s public-private partnership for security and resilience of the financial sector, developed and led market wide exercises, and developed and directed the U.S. Government s national and international crisis management protocols for addressing both financial and operational crises. Before Treasury she spent six years at KPMG LLP where she held a variety of positions including Associate Director for Public Policy and the firm s Homeland Security Coordinator. Valerie has received multiple awards including the Financial Services Roundtable s Leadership of the Year Award and the Excellence in Service Award from Secretary Henry M. Paulson, as well as special recognition from the Director of National Intelligence, the U.S Secret Service, and the regional partnership coalition ChicagoFIRST. Valerie has served on the Executive Committee of the Financial Services Sector Coordinating Council, where she Co-Chaired the Policy Committee. She also served on the Board of Directors for the Internet Security Alliance, and is a member of the Executive Women s Forum. She received her BA in Political Communications and a Masters in Public Administration both from The George Washington University. Vince Arneja Arxan Technologies Protect Your Mobile Banking and Financial Apps from Emerging Attacks Vince Arneja brings over 20 years of experience in senior and executive level technical product and program management positions with the last 13 years focused on product management in the domains of application, endpoint and network security. Mr. Arneja joined Arxan in 2007 from Sigaba, a leading email encryption provider, where he led Government and Commercial Product Management. Mr. Arneja s responsibilities include leading product strategy, defining corporate product roadmaps, pricing and positioning. Prior to Sigaba, he served in a variety of senior product and program management roles at various software companies where his accomplishments include leading product teams and creating product portfolios. Mr. Arneja started his career as a software developer after working towards a Bachelor's degree in CIS from Thomas Edison State College. He is also a graduate of the Executive Product Management Program at University of California, Berkeley.

Steve Attias Vice President and CISO New York Life Data Leakage Protection Panel Steve Attias is Vice President and Chief Information Security Officer in the Enterprise Technology Department. With over 35 years of experience at New York Life, Mr. Attias is responsible for developing, maintaining and monitoring enterprise-wide information protection programs, policies, standards, and procedures. As CISO, he is also responsible for adequately designing and coordinating security administration procedures that enable access to New York Life information resources in accordance with New York Life Security Policies, Standards and Procedures. In this position, Mr. Attias has enhanced the Enterprise Security Program to meet the requirements of a new regulatory environment that stresses the importance of maintaining the privacy of customer information. He has also led the effort to enhance New York Life s ability to conduct business safely on the Internet. This includes building a common set of components to be reused by web-based applications. Recent accomplishments include the implementation of an outbound electronic content filtering system. The Information Security Program at New York Life has been enhanced to include frequent security awareness activities, an application risk assessment built into the software development lifecycle, and continuous testing of the computing infrastructure as part of the vulnerability management process. Mr. Attias s previous positions at New York Life included increased levels of management responsibility covering Computer Operations, Systems Software, Telecommunications and IT Architecture. His achievements in these areas include: Initiating the development of a Plan/Build/Run operating framework Establishing the initial data center environment for Unix Systems Installation of the Tivoli Management System Co-authored architecture for a new technology system to support New York Life agents and managed initial implementation of infrastructure development for that project. Mr. Attias earned his BS from the State University of New York at Stony Brook in 1974 and his MS from the Polytechnic Institute of New York in 1980. He is Fellow of the Life Office Management Association and earned his CISSP (Certified Information Systems Security Professional) designation through the International Information Systems Security Certification Consortium (ISC2) in 2001. Mr. Attias was recognized by IDG s Computerworld as one of the Premier 100 IT Leaders of 2003. In 2004, the Information Systems Audit and Control Association named him a Certified Information Security Manager (CISM) and in 2011 granted him the Certified in Risk and Information Systems Control (CRISC) designation.

Anthony Barkley Director, Security Intelligence Group Symantec The Art of Cyber War: Know Thy Enemy, Know Thyself Anthony Barkley is an accomplished information security practitioner working in IT across multiple industries for 20 years and over a decade with his primary focus on security for large enterprise and service provider infrastructure. At Symantec, Anthony is responsible for the Program Management Office across the Strategy and Security Intelligence Group, leadership of the Intelligence Analyst team; as well as, strategy and execution of Symantec's internal and external Cyber Wargames program. professional experience includes product management, leading consulting and business development teams, information security strategy and architecture, information systems integration, information risk management, teaching, and project management from concept through implementation. Anthony joined the Strategy and Security Intelligence Group after 2 years as a Security Strategists, responsible for security strategy and direction, industry trends, threat landscape, best practices as 2 well as function as a trusted advisor to security executives, senior management and executives of our largest customers. he was an extension of Symantec's CTO Office and works closely with the Business Unit executives to focus on the real world IT security challenges our customer face to drive Symantec's overall security direction. Prior to that assignment, Anthony led the national principle organization for Symantec's Enterprise Security Practice (ESP) for over 2 years. Engaging with our top clients, Anthony took a leadership role throughout the business life cycle to perform business development, engagement management, and security program analysis for strategic initiatives. During this time he also lead the development and deployment of the Symantec Security Program Assessment (SSPA) and the Symantec Security Management Model (SSMM). Anthony joined Symantec via the @stake acquisition where he started as a Managing Security Architect for the Southeast region and ultimately moved up to the Director of Security Architecture. While with @stake, Anthony was responsible for managing internal and external project teams on complex architecture projects involving business leaders, technical experts, and end users. These projects included risk analysis, penetration testing, network and system vulnerability assessment, secure architecture design, software selection, system hardening, policy/procedure development, incident response and security awareness training. Andreas Baumhof ThreatMetrix Inc. Proactive Tactics for Avoiding Attacks and Data Breaches Andreas Baumhof is an internationally renowned cybersecurity thought leader and expert with deep experience in the encryption, PKI, malware and phishing markets. His commentary has appeared in numerous publications including SecurityWeek, The Paypers, Dark Reading, Computerworld, CIO, PC Magazine, BankInfoSecurity, SC Magazine, American Banker, Payments Market, Digital Transactions and others. Prior to ThreatMetrix, Mr. Baumhof was an executive director, CEO and co-founder of Australian-based TrustDefender, a leading provider of security and fraud detection technologies. Mr. Baumhof previously served as Co-Founder and Chief Technology Officer of Microdasys Inc., a leading provider of deep content security solutions. While there, he developed the first SSL proxy and has patents pending in Europe and the U.S. Mr. Baumhof holds a degree in Mathematics and Computer Science from the University of Munich, Germany.

Charles Beard CIO SAIC & GM of SAIC Cyber Business Unit SAIC Optimizing Threat Detection/Prevention Based on Trust Charles Beard currently serves as chief information officer and senior vice president for Science Applications International Corp. Prior to joining SAIC, Beard served as director of Aerospace and Defense consulting for the Oliver Wyman division of Marsh & McLennan, where he worked as a strategic advisor. Charles began his career as a Space and Missile Operations Officer in the U.S. Air Force and was later recruited by KPMG to provide program management support for government hightechnology development efforts. Beard also worked as senior vice president for Global Transportation and Industrial Markets at KPMG Consulting, leading the company s strategy and operations services for fortune 500 transportation providers and discrete.manufacturers. Throughout his career, Beard has helped executive management teams restructure their organizations and operations, plan market development strategies, and work to implement global manufacturing and supply chains. Beard earned a bachelor s degree from Texas A&M University and a MBA from the University of Montana. During his federal career Mr. Lentz served as Chair of the National Space INFOSEC Steering Council (NSISC), led the DoD Insider Threat Steering Group, was a principal member of the Presidential Sub-Committee on National Security Systems (CNSS), was a leader of the DoD IA Steering Council, and the IA Domain Owner of the Global Information Grid Mission Area. As CISO, Mr. Lentz was a member of the DoD CIO Executive Council. He also served as DoD liaison to several private sector boards, including the Center for Internet Security (CIS), the Common Vulnerabilities & Exposures (CVE) Senior Council, the International Cyber Center Advisory Board and SAFEcode. He is currently a partner in the Security Innovation Network (SINet), a senior cyber advisor to University Maryland University College and on the board to FireEye, Nok Nok Labs, and Sypris Solutions. Mr. Lentz received the NSA Resource Manager of the Year Award, the Defense Meritorious Service Award, Presidential Rank Award and Federal 100 award. He also received the highest-level honorary award the Department can bestow on a civilian employee, the prestigious Secretary of Defense Distinguished Civilian Service Award and the Top 20 Excellence.gov Award. In 2008, he was named Information Security government Executive of the year for the Middle Atlantic region, culminating as the North American Executive of the year. He received the DoD and NSA Medals for Distinguished Civilian Service. Additionally he was the recipient of the RSA award for Excellence in the Field of Security Practices and SANS Cyber Security Leader of the year. Mr. Lentz is a graduate of the National Senior Cryptologic Course, Federal Executive Institute, Harvard Business School in Strategy Planning, and the Resource Management Course at the Naval Postgraduate School. He earned a Bachelor s Degree with a double major from Saint Mary's College of Maryland and a Masters Degree from the National War College. Mr. Lentz founded Cyber Security Strategies to assist governments, and enterprises with cyber security strategies and proven solutions to gain competitive advantage with their cyberspace dependent missions & business.

Rohyt Belani CEO PhishMe, Inc. Proactive Tactics for Avoiding Attacks and Data Breaches Prior to starting PhishMe, Rohyt has served as Managing Director at Mandiant, Principal Consultant at Foundstone, and Researcher at the Software Engineering Institute. He is also an Adjunct Professor at Carnegie Mellon University. He is a contributing author for Osborne's Hack Notes Network Security, as well as Addison Wesley's Extrusion Detection: Security Monitoring for Internal Intrusions. Rohyt is a regular speaker at various industry conferences including Black Hat, OWASP, Hack in the Box, InfoSec World, and several forums catering to the FBI, US Secret Service, and US Military. He has written technical articles and columns for online publications like Securityfocus and SC magazine, and has been interviewed by CNBC, CNN, BBC, Forbes magazine, eweek, and other mainstream media. Rohyt holds a Bachelor of Engineering degree from Bombay University, and a Master of Science from Carnegie Mellon University. Nish Bhalla SD Elements Continuous Monitoring How the New Requirements Are Driving Change in the Enterprise Nish is a frequent speaker on emerging security issues. He has spoken at reputed Security Conferences such as RSA, Black Hat, Reverse Engineering Conference, HackInTheBox, Shmoocon, CSI and ISC2's Infosec Conference. Mr Bhalla, the founder of Security Compass, SD Elements and SecurityByte, has been interviewed by and quoted in many publications. Nish has published multiple articles, and also co-authored & contributed to many books including Hacking Exposed Web Applications (2nd Edition), Buffer Overflow Attacks: Detect, Exploit & Prevent, Windows XP Professional Security, HackNotes: Network Security and Writing Security Tools and Exploits. Nish has also been involved in many open source projects.

Anish Bhimani Chief Information Risk Officer JP Morgan Chase Members Only Session: Proactive Defense Anish Bhimani is Managing Director and Chief Information Risk Officer of JP Morgan Chase. In this role, he has global responsibility for ensuring the security, controls and resiliency of the firm s technology environment. He is also a member of the JPMC Technology Leadership team. Mr. Bhimani also serves as Chairman of the Board of the FS/ISAC, an industry-wide organization chartered with facilitating information sharing among the various members of the financial services sector, as well as government agencies. He has served as Chairman of the FS/ISAC since 2011, and on the Board of Directors since 2009. He also sits on the Risk Committee of The Clearing House, and the Security for Business Innovation Council. He was recently named Information Security Executive of the Decade for North America by Tech Exec Networks, and was named to Bank Technology News Top 25 Innovators list in 2008 for his novel approach to information risk management. Prior to joining JPMC, Mr. Bhimani served in various roles at Booz Allen Hamilton, Predictive Systems, SAIC, and Bell Communications Research. Mr. Bhimani has written numerous articles, and has lectured around the world on topics related to information security. He is the co-author of Internet Security for Business (Wiley & Sons, 1996), and a U.S. patent holder. Mr. Bhimani received a Sc.B. in Engineering from Brown University and an M.S. in Information Networking from Carnegie- Mellon University. Scott Borg Director (CEO) US CCU Protect Your Mobile Banking and Financial Apps from Emerging Attacks Scott Borg is the Director and Chief Economist of the U.S. Cyber Consequences Unit (US-CCU), an independent, non-profit research institute that advises the U.S. government and critical infrastructure industries on the strategic and economic consequences of possible cyber-attacks. He is widely regarded as the leading authority on the economics of cyber security, as well as certain technical topics. He has done pioneering research on the possible impact of cyber attacks on critical infrastructure industries and on the implications of cyber attacks for defense policy. In collaboration with John Bumgarner, he wrote The US-CCU Cyber-Security Check List, a practical tool used by security professionals in over eighty countries. He also wrote the soon-to-be-released ISA Guidelines for Securing the Electronics Supply Chain, a comprehensive reference document. He has commented frequently on cyber security for major broadcast networks, including NBC, CNN, CBS, Fox Business News, NPR, and the BBC. He has been a guest lecturer at Harvard, Yale, Columbia, and other leading universities. He was a member of the Commission on Cybersecurity for the 44th Presidency and has served on many other advisory bodies. His record for anticipating new cyber-security developments since 2002 is probably unequaled. He publicly predicted Stuxnet, for example, including all of its main features and its exact target, fourteen months before it was discovered. In collaboration with his US-CCU colleagues, he has recently begun offering courses in cyber threat analysis, cyber consequence analysis, and cyber vulnerability analysis, demonstrating how to quantify all of the main factors needed to determine cyber risks.

Justin Borland, CTY, GCIH, Senior Analyst Equifax Enabling Automated Cyber Intelligence Sharing Using the FS-ISAC Cyber Intelligence Repository Justin Borland is a Senior Analyst in the Equifax Cyber Intelligence Center (EFX CIC) and currently holds SANS GIAC Certified Incident Handler and GIAC Reverse Engineering Malware certifications. Prior to joining Equifax, he worked as a Senior Incident Response Specialist at Research In Motion and Atomic Energy of Canada Limited. During his career, Justin has engineered and deployed an extremely large scale Snort deployment (105+ sensors) as well as developing and implementing a custom enterprise full PCAP solution, DNS Sinkhole, and managing hundreds of Linux systems. He has also automated countless SecOps processes through custom tool creation. In his free time, Justin has also participated in numerous contract development engagements, creating a custom Linux appliance for a leading Cloud Computing and Big Data Security firm. He is also very active in numerous information sharing forums, specializing in network forensics and malware analysis. Mark Bower Vice President, Products Voltage Security Implementing Secure File Sharing: Addressing the Business Need While Maintaining Control Mark Bower is a noted expert in data protection solutions, with over two decades of industry and technology experience in this area. Mark is heavily involved in industry standards bodies including the PCI Security Standards Council and the Security POS Vendors Alliance (SPVA). He has authored several patents for e-commerce technology innovations in POS software management and remote control, based on his extensive experience in banking and payment solutions.

Tim Byrd Senior Vice President Bank of America Members Only Session: Evolution of DDOS Attacks and Best Practices Tim Byrd is a Senior Vice President in Global Information Security at Bank of America. Over the past nine years, Tim has delivered results that align technology initiatives with business goals to provide improvement in risk monitoring, assessment and mitigation. With his extensive knowledge in threat management, he has built a responsive IT organization committed to reducing risk, enhancing security and ensuring resiliency. Tim currently provides strategic direction for the Distributed Denial-of-Service and Advanced Persistent Threat programs to design and build operational controls and create end-to-end strategy. He and his team are focused on creating a secure technology infrastructure while positioning the bank to effectively respond to cyber attacks. Previously, Tim managed the Threat Analysis and Vulnerability Assessment (TAVA) program consisting of over 100 information security professionals. The program used a portfolio of controls and threat feeds including Threat Management, Vulnerability Scanning, Compliance Monitoring, Application Assessment, Ethical Hacking, High Volume Scanning, Source Code Assessments, Developer Training, Mobile Application Assessment, FFIEC Assessments, Red Team, Critical Supplier Vulnerability Modeling and Supplier Governance. Under his leadership, Tim also led the Enterprise Security Assessments team that managed controls included in the TAVA program excluding Threat Management but including PCI Adherence. As manager of the Insider Threat Data program, he executed solutions aimed at preventing and detecting insider activity and implemented controls to monitor, assess and mitigate risks. While focused on strategic solutions, Tim implemented numerous controls and standards to help safeguard customer information and protect the bank s reputation. These controls included data-in-use, data-at-rest, NPI-in-motion, encrypted email monitoring, webmail blocking and risk evaluation. Among his many accomplishments, Tim was instrumental in expanding NPI monitoring to the global enterprise while utilizing current controls to monitor the increasing social media space. He also led a threat management team that developed and deployed an end-to-end process for risk evaluation of all cyber threats. This dynamic process used an industry standard scoring methodology to remove subjectivity and assist senior leaders in prioritizing initiatives and properly allocating resources. Tim received a Bachelor of Science in Management Information Systems from UNC-Charlotte in Charlotte, NC. Recognized as a technology leader, he was elected to the BITS Security Steering Committee in 2011 and Vice Chair in 2013. In 2006, Tim was awarded the prestigious Bank of America Award of Excellence recognizing the top 1% best of the best in the company. In addition to his background in threat management and risk mitigation, Tim also worked on merger and acquisition projects for MBNA, Fleet, LaSalle, Countrywide and Merrill Lynch. Tim s innovative ambition also enticed him to create two products he has submitted for patents: Bank Card Fraud Protection System, United States Patent 7,980,464, patent pending and Apparatus and Methods for Card Dispensing, United States Patent application 20100114767. Tim currently resides in the Charlotte area with his wife and five-year-old twins.

Lori Cairns Vice President Technology Credit Union Banking Fraud Prevention Case Studies: Fraud Threats and How Bankers are Using Anomaly Detection to Successfully Defend Against Them Lori's tenure in the financial fraud industry spans over a decade and includes large to small financial institutions as well as startup companies within the Silicon Valley/Bay Area. Prior to joining the private sector, she was a municipal law enforcement officer for twelve years in the state of Florida. She holds a Bachelor of Professional Studies degree in Human Resource Management and a Master of Science degree in Economic Crime Management. In addition, she is a Certified Fraud Examiner (CFE) and a Certified Anti-Money Laundering Specialist (CAMS). She is active in financial crimes information sharing groups and is a regular speaker. She has spoken with Guardian Analytics at varying events including the Guardian Analytics Customer Conference and the Credit Union IT Risk Management and Security Summit. Michele Cantley CISO Regions Data Leakage Protection Panel Michele is responsible for the Information Security Department which encompasses information security operations and e- fraud; data security and user provisioning; information security engineering, architecture and vendor compliance; and PCI compliance. She has held this position since March 2004. Michele joined Regions in 1999 as Vice President and Manager of General Business Systems Application Development (AmSouth Bank). In 2002, she became Manager of Application Development and was named Senior Vice President in 2004. Prior to joining Regions, Michele served as the Regional Customer Service Manager for InfoCure; owned her own medical billing service (Omega Financial Services); and was District Manager for BellSouth Services supervising Marketing Information Systems and Process Improvement. She holds a bachelor s degree in Mathematics from Birmingham Southern College. Michele is currently serving on the Board of Directors of the Financial Services Information Sharing and Analysis Center (FS- ISAC) and is co-chair of the FS-ISAC Payments Risk Council. She is a member of the BITS Security Steering Committee, the BITS Security Working Group and the BITS Advisory Council. In 2011, Michele served as the Chairwoman of the BITS Security Steering Committee.

Jay Chaudhry Founder and CEO Zscaler Securing Your Business for Mobility, Cloud Apps and Social Media Jay Chaudhry is a seasoned entrepreneur, innovator and trendsetter who has founded and funded several successful security companies including Zscaler, AirDefense, CipherTrust, CoreHarbor, Air2Web, and SecureIT. Chaudhry's 25 years of sales, marketing and engineering experience also includes leadership roles at leading companies such as IBM, NCR and Unisys. Chaudhry was honored as Entrepreneur of the Year in the US Southeast and as a finalist for the US National by Ernst & Young. He was named an Innovator & Influencer by Information Week magazine and "Who's Who" by the Atlanta Business Chronicle. He was recognized as a Market Entrepreneur by SC Magazine. He won Entrepreneur of the Year award from Catalyst magazine three times and has appeared in Atlanta's "Top 50 Names to Know" many times. Chaudhry founded AirDefense, which pioneered the wireless security market and had a successful merger with Motorola. He also founded CipherTrust, creating the industry s first email security gateway appliance and led its successful merger with Secure Computing. He also founded CoreHarbor, the first ASP for e-procurement solutions, which was acquired by USi/AT&T. In 1996, Chaudhry founded SecureIT, the first pure-play Internet security services company, as a self-funded venture. SecureIT experienced exponential revenue growth and was acquired by VeriSign, where Chaudhry served as vice president and general manager of the Security Services Division. Prior to that, he held various sales and marketing management positions at NCR, IBM, Unisys, and IQ Software. He holds a Master s in Computer Engineering, Master s in Industrial Engineering, and Master s in Business Administration from the University of Cincinnati. Aharon Chernin Manager, Security Automation DTCC Enabling Automated Cyber Intelligence Sharing Using the FS-ISAC Cyber Intelligence Repository Aharon Chernin currently works as the Manager of Information Security Automation at the Depository Trust and Clearing Corporation. He worked closely with DHS, Mitre, and US-CERT in creating the STIX and TAXII intelligence sharing standards. Aharon is also a member of the Open Vulnerability Assessment Language (OVAL) board, a member of the CVSS v3 sig, and is the chair of the FS-ISAC Security Automation Working Group. Jason Clark Chief Security and Strategy Officer Websense Enabling the Business CISO Keys to Surviving, Thriving and Driving Jason Clark is chief information security officer for Websense, Inc. Mr Clark is the corporate security speaker for Websense and has spoken at more than 25 events during 2012 including CISO Summits in all NA regions. As a previous customer and early adopter of Websense products, Clark is responsible for leveraging his technical knowledge and deployment expertise to help CXO executives and advise them on how to best take advantage of the Websense TRITON architecture and unified content security solutions. Clark brings more than a decade of senior IT security leadership to Websense. He previously served as CISO at Emerson Electric, a global Fortune 100 company, where he significantly decreased risk by building the security program for its 140,000 employees across 1,500 locations. This was Emerson Electric s single largest IT security project ever conducted. Prior to Emerson Electric, Clark was the director of information security at The New York Times and senior manager of security and infrastructure architecture at EverBank. Clark also served as a senior network and security engineer for BB&T and as a U.S. Army security systems engineer.

Chris Coleman VP of Product Strategy & Marketing Lookingglass Cyber Solutions Effectively Obtaining, Using and Gaining Value From High Volume Threat Intelligence Data Vice President of Product Strategy and Marketing Coleman brings over 20 years of experience in information security and technology and a strong balance of hands-on experience and business acumen to his role as Vice President of Product Strategy and Marketing at Lookingglass. He is responsible for leading and managing the Lookingglass product portfolio and will apply his vision to corporate messaging, product marketing and branding initiatives. Coleman translates the needs of the customer and ensures product development aligns with Lookingglass rapidly expanding customer base in the commercial and federal markets. Prior to Lookingglass, Coleman served as the Director of Cyber Security at Cisco Systems, Inc. where he focused on identifying solutions to critical customer challenges through delivery of Cisco and partner technologies for civilian, defense and intelligence organizations. Previously, Coleman served in key management roles with Integrated Data Systems and ManTech. During his tenure at ManTech, he was responsible for the remote security monitoring services and data hosting services profit and loss centers and managed ManTech s IT services and operations. Bryan Collie Vice President of Threat Management Goldman Sachs The Public-Private Information Sharing Challenge Simon Crosby Co-Founder & CTO Bromium, Inc. Isolation: The Next Security Frontier Simon Crosby is a co-founder and CTO of Bromium Inc., a company leveraging hardware virtualization to transform platform security. Previously Simon was CTO, Data Center & Cloud at Citrix Systems, which acquired XenSource, where he was cofounder and CTO. Along the way, Simon was a Principal Engineer at Intel, and founder & CTO of CPlane Inc., a software vendor in Software Defined Networking. A long time ago, he was a faculty member at the University of Cambridge, UK. He is author of 40 research papers and patents, and has been recognized by Infoworld in the Top 25 CTOs and CRN in the Top 25 IT Executives breaking the sound barrier in innovation.

Thomas Cross Director of Security Research Lancope Effectively Obtaining, Using and Gaining Value From High Volume Threat Intelligence Data Tom Cross is Director of Security Research at Lancope. He has over a decade of experience as a security researcher and thought leader. He is credited with discovering a number of critical security vulnerabilities in enterprise class software and has written papers on security issues in internet routers, securing wireless LANs, and protecting Wikipedia from vandalism. Tom was previously manager of the X-Force Advanced Research team where he focused on advancing the state of the art in network intrusion prevention technologies. He frequently speaks on security issues at conferences around the world, including Blackhat Briefings, FIRST, Flocon, and Security B-Sides. Tom Doughty VP & CISO Prudential Frontline Security Panel Prior to joining Prudential, Tom served as a Military Intelligence Officer specializing in Electronic & Information Warfare, along with emerging intelligence processing platforms. He joined Pru in 1998 as an Information Systems Auditor, and from 2000 until 2005 assumed responsibility as Business Information Security Officer for Prudential Securities Incorporated (PSI) in New York. As Vice President & Chief Information Security Officer since 2005, Tom is responsible for Prudential s end to end information security program including associated Policies & Standards, awareness & education, technical security protections for the IT infrastructure, security engineering, and security operations. Prudential s information security program is both internally and externally focused, and Tom collaborates with peer CISOs and public sector security professionals around emerging threats and associated control strategies. Tom serves on the Boards of Directors of the Wall Street Technology Association and of the Financial Services Top Level Domain (ftld) Registry, is active with the Financial Services Roundtable and BITS in Washington, DC as a security steering committee member, and participates in several information technology advisory groups including the Microsoft Trusted Advisor Council. He is a graduate of the United States Military Academy at West Point, and holds an MBA in Finance & Information Technology from New York University s Stern School of Business. Isabelle Dumont Director, Industry Marketing Palo Alto Networks Breaking the Lifecycle of the Modern Threat Isabelle leads industry initiatives at Palo Alto Networks with special focus on Telecommunications, Healthcare, Government and Financial Services. She has extensive experience in enterprise infrastructure, analytics, mobile computing and innovative, disruptive technologies in general. Prior to joining Palo Alto Networks in 2012, she held strategic marketing positions at Oracle, CollabNet, SEVEN Networks and IRI Software. Isabelle holds a Master of Artificial Intelligence.

Yaron Dycian VP Product Trusteer Exploit Prevention David Eilken, MBA, CISSP, Lead Project Manager American Express Enabling Automated Cyber Intelligence Sharing Using the FS-ISAC Cyber Intelligence Repository David has over 15 years of experience in IT systems integration, network design, and project/ program management. Prior to American Express, David managed scopes of work on complex multi-billion dollar industrial projects with Fluor Corporation overseas. Most recently, David setup the PMO for Tesco in China, overseeing more than a hundred million dollars in yearly real estate development nationwide. At American Express, David leads various projects within the Chief Information Security Office, spanning penetration testing and cyber security threat intelligence analytics and assurance. He holds two degrees in architecture from the University of Illinois at Urbana-Champaign, and is a graduate of the University of Chicago, Booth School of Business, with an MBA in strategy and economics. He is also a Certified Information Systems Security Professional (CISSP) and certified Project Management Professional (PMP). Joe Fantuzzi President and Chief Executive Officer Agiliance Inc. Securing Your Data - Fresh Thoughts on the Original Mission of Information Security Joe drives the company's overall business direction, strategy, and execution. He is an expert in creating high-growth, venturebacked businesses in emerging technology markets. He has also helped build over $3 billion in market valuation as an executive for industry leading companies throughout his career. Bringing 25 years of software experience to Agiliance, Joe was CEO at Workshare (security software) for nearly five years, growing new sales by 400% and customers from 3,500 to 11,000, including 62% of the Fortune 1000, establishing a household name in the content security space. Previous to Workshare, Joe was CEO at Liquid Engines&trade (financial management software), now a division of Thomson Reuters (TRI). Here he created a strategic cash and tax planning solution for global enterprises. Prior, Joe was co-founder and CEO at NetDialog (software-as-a-service-based Customer Relationship Management), and sold it to KANA for $100 million in 1999. Prior to NetDialog, he was General Manager at Autodesk (ADSK) Discreet (3-D graphics software), growing that business unit market share from 20% to 65% over three years. Joe was also Vice President of Worldwide Marketing at Macromedia (ADBE) from inception, to private-private merger, through its public offering, and Director of International Sales and Marketing at Interleaf (BVSN), then Inc's 7th fastest growing company in America. Joe holds a Master's degree in Computer Engineering from Tufts University in Boston, MA and a Bachelor of Science degree in Electrical Engineering from Bucknell University in Lewisburg, PA.

Amad Fida CEO Brinqa Effectively Obtaining, Using and Gaining Value From High Volume Threat Intelligence Data Amad brings over 15 years of experience in security software to Brinqa where he drives the vision and overall business strategy. Previously, he was co-founder and Vice President of Engineering at Vaau a visionary company in Compliance and Role Management. While at Vaau, Amad architected, developed, and delivered the first version of their flagship product and was responsible for setting the strategic technology and product direction until their acquisition by Sun Microsystems in 2008. At Sun, Amad led the Identity Compliance and Role Management business in delivering the #1 Role Management product as rated by industry leading analysts. Alex Foley Vice President; Specialist - Sys/Data Security - Global Bank of America Enabling Automated Cyber Intelligence Sharing Using the FS-ISAC Cyber Intelligence Repository Alex Foley has worked in a variety of enterprise information security areas over the past four years, starting in insider threat where he was responsible for quantifying the impact and value of controls along with implementing new means of dealing with emerging threat vectors such as social media and intellectual property leakage. Later he joined the bank s new critical supplier vulnerability modeling program where the team created the first methodology for analyzing holistic vendor risk where analytic outputs feed into policy and contractual changes in the vendor domain. Alex currently coordinates the strategy components of the bank s APT, DDoS and Cyber Analytics programs within Cyber Security Technology. Sean Franklin Vice President - Information Security American Express Mitigating Risk in an Expanding Mobile Universe Sean Franklin is the Vice President of Information Security Management in the Chief Information Security Office of American Express. He currently leads an organization focused on cyber threat intelligence, penetration testing and data breach incident response. Sean has over a decade of experience in information security. During this time he has built capabilities and teams focused on threat intelligence, vulnerability and patch management, security incident response, security data analytics and penetration testing and ethical hacking. Sean is a certified CISSP with ISC2, Six Sigma Black Belt, holds ISACA Certified Information Security Manager (CISM) and Certified in Risk & Information Systems Control (CRISC) certifications, and is currently a board member with the FS - ISAC. Gil Friedrich Vice President, Technology Forescout Continuous Monitoring How the New Requirements Are Driving Change in the Enterprise Gil Friedrich is responsible for driving business development and OEM activity at ForeScout. In this role, Gil identifies partnership and OEM opportunities, and finds new market opportunities leveraging ForeScout s technology. Before taking this position, Gil served as ForeScout s VP of R&D and headed ForeScout s engineering team for 6 years. Gil brings over 15 years of managerial and technical experience in developing networking software. Gil holds a M.Sc. in Computer Science from Tel- Aviv University (Cum Laude) and a B.Sc. in Physics and Computer Science from Tel-Aviv University (Cum Laude).

Joseph Gan CTO and Co-Founder V-Key Corp Mitigating Risk in an Expanding Mobile Universe Joseph Gan is an experienced technologist in the area of computer security. In V-Key, Joseph oversees the research into mobile threats and the development of protection and intelligence solutions to address these threats. Before joining V-Key, Joseph was in the Centre for Strategic Infocomm Technologies (CSIT) as the head of the Cryptography Lab, where he oversaw research and development into cryptographic solutions for Mindef. Joseph was also previously a Research Manager in D'Crypt, where he grew and developed a research team that provided software security R&D and consultancy services to various government agencies and private companies. For most of his career, Joseph was in charge of cyber security research in CSIT. He grew the research effort from a small team in 2002 to a Cyber Security Laboratory by the time he left in 2009. As the lab head, Joseph oversaw software security research in Windows, Linux, and mobile phone security on various platforms. Joseph holds both an MSc and BSc in Electrical Engineering from Stanford University, California, which he attended on a Public Service Commission Overseas Merit Scholarship. Keith Gordon Information Security Executive Capitol One Members Only Session: Proactive Defense Keith Gordon is the VP of Information Security and Risk Management at Capital One. He is responsible for Enterprise strategic direction while managing the inherent risks of the business. Previously Keith was SVP of Security, Fraud and Enrollment Executive at Bank of America for Consumer Channels. He led the authentication and security strategies and product development for consumer online and mobile banking. Gordon also managed the e-mail security strategy and acts as an expert on online threats and fraud at the enterprise level. Gordon serves on the board of directors at the National Cyber Security Alliance. Keith s previous role was the Technology Executive in the Consumer Channel Technologies group focusing on Technology Risk, Compliance, Security & Fraud. His teams led the efforts to define and build the enterprise standards for both application security and compliance. Gabriel Gumbs WhiteHat Security Securing Your Data - Fresh Thoughts on the Original Mission of Information Security Gabriel as Director of Solutions Architecture, Customer Success at WhiteHat Security provides Application Security program guidance to enterprise customers driving their business, organizational and internal program development and evolution. An accomplished Security Professional, IT Director and avid Triathlete, Gabriel's knowledge of the security business spans more than 13 years across multiple disciplines.

Lars Harvey CEO Internet Identity (IID) Threat Sharing and Collaboration, Security Industry in Transition Lars Harvey co-founded IID and is the company's lead executive. He is an active participant in several industry groups, including the Anti-Phishing Working Group (APWG), Online Trust Alliance (OTA) and Digital PhishNet, a collaboration between industry and law enforcement. Prior to starting Internet Identity, Harvey founded two web-centric businesses and held product and marketing management roles in business-to-business service companies including DST Systems. Harvey earned an MBA from the Haas School of Business at UC-Berkeley and holds a bachelor s degree in Economics from Dartmouth College. Marshall Heilman Director MANDIANT An Attacker's-Eye View Marshall Heilman is a Director in Mandiant s Washington, D.C. office and is responsible for leading some of Mandiant s most challenging incident response engagements. Over the past year, Marshall has performed investigations involving financial crime, online gaming, economic espionage, and the Advanced Persistent Threat attack groups. Many of these investigations made headlines throughout the world. Marshall does not specialize in a specific attack group or threat area. He enjoys investigating complex breaches regardless of the type of attacker. Matthew Hellmann Principal Principal Continuous Monitoring How the New Requirements Are Driving Change in the Enterprise I have been a security professional for approximately 15 years. In that time, I have performed in a variety of hands-on technical roles such as firewall and intrusion detection, network and application penetration testing, and security event monitoring. Today, I lead the security monitoring, incident response, and vulnerability testing teams at Principal Financial Group.

Chauncey Holden CSO Fidelity Members Only Session: Proactive Defense Chauncey is currently the SVP and CISO for Fidelity Investments. Chauncey acquired his current position in 2010 and is responsible for the overall technology strategy, leadership and execution for the enterprise information security program and centralized security services. He joined Fidelity in 1998, and during his tenure with the firm has held a variety of positions within the centralized information security functions. Prior to joining Fidelity, Chauncey worked for Liberty Mutual Insurance, Lockheed Martin, Motorola, and the Dial Corporation where he started as a financial auditor and obtained his CPA certification. He transitioned from that into IT auditing and then information security. Chauncey received his Bachelor s of Arts degree in Economics from Northwestern University and his M.B.A. from the University of Pittsburgh. Byron Hundley Threat Architect First Data Proactive Tactics for Avoiding Attacks and Data Breaches I am currently an Enterprise Threat Architect at First Data (actually just started here at the beginning of March). I m primarily responsible for assessing threats from internal and external sources and what has been called poking holes in the security program to expose weaknesses and then come up with solutions to strengthen or eradicate the weakness. Before that I spent most of my career as a contractor in the area of incident response, computer forensics, cyber intelligence/counterintelligence at various military, government, and commercial organizations with my last assignment, before returning to the USA, in beautiful Garmish-Partenkirchen, Germany. While there I was primarily involved with creating proactive counterintelligence capability and analysis in the DOD space. Before my cyber career I was a knuckle dragging law enforcement officer primarily focused on special operations and investigations.

Jim Jaeger Vice President General Dynamics Fidelis Cybersecurity Solutions Large Scale Incident Response "Lessons Learned" Jim Jaeger is responsible for managing the Network Defense and Forensics business area at General Dynamics Fidelis Cybersecurity Solutions, including Digital Forensics Lab. In this role, he has led cyber forensics investigations into some of the largest network breaches impacting our industry. Mr. Jaeger has also held a leadership role for a wide range of cyber programs including General Dynamics' support for the DoD Cyber Crime Center (DC3), the Defense Computer Forensic Lab and the DefenseCyber Crime Institute. Previously, he created General Dynamics' information assurance and critical infrastructure protection group, which has developed a wide variety of Information Assurance tools, ranging from the Air Force's intrusion detection infrastructure to the only network based multi-level security (MLS) system accredited by the National Security Agency at Protection Level 4 without waivers. He is a former Brigadier General in the United States Air Force and his military service includes stints as the Director of Intelligence (J2) for the U.S. Atlantic Command, Assistant Deputy Director of Operations at the National Security Agency, and Commander of the Air Force Technical Applications Center. In these capacities, Mr. Jaeger was responsible for the collection and reporting of intelligence to Theater Commanders and the National Command Authority. He received his Bachelor of Science degree from the Air Force Academy and his Master's degree in Management & Supervision from Central Michigan University. He also completed the Executive Development Program at the Whitmore Graduate School of Business of the University of New Hampshire.

General John Ashcroft Ashcroftgroup, LLC Access, Privacy & Security The Balancing Act U.S. Attorney General. Governor of Missouri. U.S. Senator. John Ashcroft, the Chairman of the Ashcroft Group, has been leading Americans for over 30 years in public and private service. In 2005, Mr. Ashcroft established The Ashcroft Group, LLC to help domestic and international corporations apply the leadership principles, sound judgment, and high goals he embraced during his over three decades of public service to the business world. As Attorney General, Mr. Ashcroft led the U.S. Department of Justice through the transformational period after the September 11, 2001 attacks, reorganizing the Department to focus on its number one priority: preventing terrorism. The tough antiterrorism campaign he directed helped keep America safe throughout his tenure and resulted in the dismantling of terrorist cells across America and the disruption of over 150 terrorist plots worldwide. Within two months of the attacks, and with financial markets still reeling, the unprecedented corporate scandals at ENRON, WorldCom and dozens more unfolded, further destabilizing the basis of our economy. John Ashcroft was called on to restore America s faith in the integrity of our marketplace. He marshaled the resources of the federal government to bring to justice those guilty of massive corporate fraud. At all times, he demanded that cases be brought swiftly, with appropriate serious penalties; always taking into account the best interests of the employees and shareholders whose lives were most directly affected. As the Justice Departments CEO, Mr. Ashcroft led the world s largest and best international law firm and law enforcement agency -- an organization larger than most Fortune 500 companies with over 122,000 employees. Mr. Ashcroft integrated strategic planning, budgeting and performance measures, which resulted in the DOJ earning a clean audit for the first time its history. He was raised in Springfield, Missouri, received his undergraduate degree from Yale University and his Juris Doctor from the University of Chicago.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback